news Australia’s financial regulator has called for the content of online communications – not just the metadata associated with the communications – to be retained as part of the Federal Government’s data retention and Internet surveillance package being pushed by the Attorney-General’s Department, in a move which was immediately damned by critics of the proposed scheme.
The Federal Attorney-General’s Department is currently promulgating a package of reforms which would see a number of wide-ranging changes made to make it easier for law enforcement and intelligence agencies to monitor what Australians are doing on the Internet. For example, one new power is a data retention protocol which would require ISPs to retain data on their customers’ Internet and telephone activities for up to two years, and changes which would empower agencies to source data on users’ activities on social networking sites.
Attorney-General Nicola Roxon has specified that the data retention proposal would only see so-called ‘metadata’ collected – constituting data about senders and receivers of communications such as phone calls and emails, as well as the time sent and location, but not the actual content of communications, such as the text of emails or recordings of voice telephone calls.
However, according to a media release issued by free market thinktank the Institute of Public Affairs this afternoon, one of Australia’s key regulators wants to go further. “In evidence given to the National Security Inquiry in Sydney today, ASIC stated that the content of online communications was needed to investigate insider trading and Ponzi schemes,” wrote the IPA. The transcript of today’s proceedings is not yet available.
Such a move would dramatically increase the scope of the data retention scheme, which is already heavily opposed by a broad coalition of groups ranging from civil liberties organisations to privacy groups and even telecommunications companies and ISPs. The IPA damned ASIC’s proposed expansion of the data retention scheme, in its statement.
“The Australian Securities and Investments Commission’s push to access the personal data of all Australian web users shows exactly why the government’s proposed mandatory data retention regime should not go ahead,” said Simon Breheny, director of the Rule of Law Project at the IPA.
“The IPA predicted that power-hungry regulators would make a concerted effort to get hold of any information retained under a data retention regime. The fact that ASIC has demanded this and more before the laws have even passed is a stark warning to all Australians,” he added. “The Australian people have been told we need new mandatory data retention laws to fight terrorism. ASIC’s push to access this data, and to make it even more comprehensive, completely undermines all assurances we’ve heard from the federal government.”
“ASIC is just the latest in a fast growing list of government agencies that have demanded the use of communications data. The Australian Competition and Consumer Commission and Australian Customs and Border Protection Service made similar claims earlier this month,” the IPA added.
“The IPA remains unconvinced that police need these new laws. The case has not been made and studies have shown data retention to be completely ineffective in fighting crime. But the idea that any agency of government could access this data is even more frightening. The only way to ensure that doesn’t happen is to stop these laws being passed in the first place,” said Breheny.
The news comes as police organisations this week told the parliamentary committee into the data retention and surveillance reforms that they would prefer if the metadata which would be retained under the proposal to be retained “indefinitely” instead of just for a two year period. The Pirate Party of Australia has described the idea of indefinite data retention as “appalling”.
“It appears that the police commissioners are trying to portray their two-year retention proposal as a reluctant compromise, yet any blanket warrantless arbitrary retention of the communication data of the entire population is a totally unnacceptable risk to civil liberties and fundamental privacy rights,” said Mozart Olbrycht-Palmer, Deputy Secretary of Pirate Party Australia in a statement this afternoon. “While arguing about ‘how out of date interception laws are,’ they seemed oblivious to the fact that an intrusive scheme of warrantless retention of data was already passed under the Cybercrime Legislation Amendment Bill. These amendments provide targeted retention on request, rather than automatic blanket retention of everyone’s data.”
“We object to any widescale surveillance systems, and oppose mandatory data retention for all Internet connections, regardless of the retention period. Judicial oversight and explicit, limited warrants are necessary safeguards that the National Security Inquiry discussion paper proposes to eliminate. It appears that the police commissioners are essentially saying ‘trust us’ while attempting to do away with judicial oversight of their actions, railing agianst the ‘burdensome’ nature of warrants – an element key to protecting society from abuse of powers.”
Background
In general, the Government’s data retention and surveillance package has attracted a significant degree of criticism from the wider community over the past few months since it was first mooted. Digital rights lobby group Electronic Frontiers Australia has described the new powers as being akin to those applied in restrictive countries such as China and Iran, while the Greens have described the package as “a systematic erosion of privacy”.
In separate submissions to the Parliamentary Joint Committee on Intelligence and Security inquiry into the reforms, a number of major telecommunications companies including iiNet and Macquarie Telecom, as well as telco and ISP representative industry groups, have expressed sharp concern over aspects of the reform package, stating that “insufficient evidence” had been presented to justify them. And Victoria’s Acting Privacy Commissioner has labelled some of the included reforms as “being characteristic of a police state”.
The Institute of Public Affairs, a conservative and free market-focused think tank, wrote in its submission to the parliamentary inquiry on the matter that many of the proposals of the Government were “unnecessary and excessive. “The proposal … is onerous and represents a significant incursion on the civil liberties of all Australians,” wrote the IPA in its submission, arguing that the data retention policy should be “rejected outright”. And one Liberal backbencher, Steve Ciobo, has described the new proposal as being akin to “Gestapo” tactics.
In addition, last week The Australian newspaper reported that about a dozen Coalition MPs had bitterly complained about the data retention proposals in a passionate party room meeting, with Opposition Leader Tony Abbott being urged to directly pressure the Government on the issue.
Roxon and agencies such as the Australian Federal Police have attempted to justify the need for a data retention scheme by stating that the increasing use of the Internet by criminals has made traditional telecommunications interception powers less useful.
“The need to consider a data retention scheme has come about because of changes in technology that have affected the behaviour of criminal and national security suspects,” said Roxon this week. “Targets of interest now utilise the wide range of telecommunications services available to them to communicate, coordinate, manage and carry out their activities. The ability to lawfully access telecommunications data held by the telecommunications industry enables investigators to identify and build a picture of a suspect, provides vital leads of inquiry and creates evidence for alibis and prosecutions.”
opinion/analysis
Wow. So this data retention proposal isn’t even law yet, and already Australian regulators are proposing to extend it beyond the so-called ‘metadata’ aspect and into the actual content of communications? Incredible. Surely it is not worth creating a gigantic archive of all Australians’ communications just to catch the incredibly small percentage of Australians involved in financial fraud? But maybe this is something ASIC doesn’t appear to understand? This is government at its worst – out of control, seeking total surveillance of every citizen, making a huge land-grab on Australians’ privacy.
Image credit: Mateusz Stachowski, royalty free
Surely it is not worth creating a gigantic archive of all Australians’ communications just to catch the incredibly small percentage of Australians involved in financial fraud?
got something to hide Renai?
Damn right I’ve got something to hide. It’s called privacy.
A couple of dirty cops with this implemented and the news of the world phone hacking scandal will be a drop in the ocean.
“Got something to hide?”
Go stick your head in a bucket of cold water and wake up.
There are some many laws that you can be made guilty of breaking if the police cared to do so.
Not a single person should be held on the assumption that they are guilty until proven innocent, this is exactly what these sorts of proposals do.
We use to have a great country once…. :(
We still have no freedom of speech.
They have been censoring media for years (wasn’t until massive revolts against book censorship anything was really done) we are still at risk of sharing any views that aren’t in a political context (http://www.abc.net.au/mediawatch/transcripts/s1489465.htm, Australian Capital Television Pty Ltd v Commonwealth). And more recently the internet filter proposed.
Aboriginals were oppressed for years and still are treated as second class citizens. We stole their children in a misguided attempt to assimilate them in our society. Murdered quite a few when we tried to settle here.
I’m not saying we don’t have a great country, but I hardly find stuff like a step backwards, its more like a bad smell that’s been around for years and then finding something dead sitting behind the fridge.
We just need to accept it is a disgusting mess in front of us and just clean it up.
Let us make some progress against misguided law creation.
Wow… just wow. I mean insane … yep wow doesnt cut it. This very suggestion is so insane the people behind it do not deserve to be allowed into the general populace.
Telstra routed 1,353,678 TB of data over their network in the 11/12 financial year. Up 56% on the financial year 10/11, with the growth in data globally likely being similar. So another 56% is reasonable next year.
That’s Telstra alone. 1.3 Exabytes. I’m at a loss for words as to how ASIC could even think to suggest this was a reasonable idea, let alone say it out loud for anyone else to hear.
Telstra will handle approximately 2 Exabytes of traffic next year, and ASIC think it can ALL be stored… I just cant imagine the costs or the amount of space, the overhead, the gargantuan insanity of the very idea.
Someone deserves to be fired or committed to a mental hospital over this idea… or both.
Just a correction. I think you mean Petabytes..
No, exabyte is right. 1,000TB = 1PB. 1,000,000TB = 1,000PB = 1EB
This is getting truly frightening.
Some organisations already give the appearance of rubbing their hands together to flex their yet to be decided on muscle.
I never thought I’d say this, as I was born in Australia, but today is the first time I’ve ever felt a little niggling fear creep into my consciousness about what powers we are granting our government. If this feeling persists, and these new found powers are granted, I will be seriously considering moving myself, my wife, and my 20 month old son to another country.
I do not want him growing up in a pseudo-police state where he has to be on guard about what he says and does during his waking hours in order to avoid classification as a person to watch, or at worst, a criminal.
Incidentally, if you consider my outburst perhaps a little over the top, try to imagine every time you type something on a mobile phone, PC, kiosk and tablet that it may be used against you in a courtroom.
Then decide how over the top my previous statement is.
Sorry, meant to add after court room ……
“no matter how innocent you think you are at the time”
Not trying to freak you out further, but combine this with the association laws in several states which are *supposedly* to combat motorcycle gangs, yet don’t mention them anywhere in the law. These laws criminalize association with criminals, whether their criminal status is known or not.
Theoretically, using these laws intelligence agencies will be able to create vast maps of who has associated with who, correlate that with the association laws and one person committing a crime could expose anyone he or she has associated with in those maps to possible prosecution.
ok,
/facepalm
they want us as ISP’s to build big massive data centers that will need to rival google so we can store all the data for every customer for two years.Do they get that in an NBN would, this little idea of theirs could cost more than the entire NBN project as it stands.
100k people on 100Mbit connections with unlimited traffic, all been recorded by the isp. HDD vendors will be happy.
brb, need to bang my head against a desk for a few minutes.
“brb, need to bang my head against a desk for a few minutes.”
You do that… I’m off to invest in some storage companies…
Perhaps these regulators and law enforcement bodies could demonstrate how innocuous their proposals are by voluntarily implementing equivalent data retention regimes for communications within their organisations now for the purpose of policing freedom of information laws and for the benefit of the various anti-corruption bodies that investigate the regulators and law enforcers?
What would they be storing if say I always use overseas email servers and keep traffic encrypted? Will Gmail be compelled to expose two years of emails?
Overseas in the USA? That’s where your data is going anyhow.
Overseas in Japan? Who would just hand it to the USA.
Overseas in China? Russia? e-Stonia?
The problem is that encryption does not protect you. All your data will be stored and will be cracked sometime. Should you come to the attention of the authorities then they will talk a crack at your data.
This is a bad move all around. What worries me is that the creep is very intentional. Ask for everything, get half now and then use that as a success story to demand the other half next year because of your failures.
Don’t forget they also, as part of this reform package, want to make it a crime to withhold the encryption key/password to accounts.
So even if you have encrypted mail, in an offshore account, they will charge you and throw you in jail for not supplying it to them upon request.
Ahh “awesome” I missed the compelling passwords bit.
If you are smart you regularly delete old keys. Might not save you for prison, but could save you from a midnight flight to some unspecified black site that doesn’t exist in a country that has fairly lax human rights laws… if you know what I mean.
Just to follow up by the way, it is normal that HTTPS streams use a temporary session key that gets deleted (sent from client to server, encrypted with the server’s public key). If your session key is 40 bits or 56 bits, then it is weak anyow. If it is 128 bits then you might be OK, but typical server 2048 bit RSA key is *probably* breakable by someone who cares enough.
You cannot later on reveal the SSL session key, because you never knew what it was.
It’s already a crime to withhold encryption keys from law enforcement – see the Crimes Act 1914 Section 3LA.
Reading another article, Telstra apparently told the committee today that: “These over-the-top providers could also need to be included in a data retention scheme, Telstra said, as carriers are unable to provide metadata from these providers.”
But I don’t see how the government would be able to compel overseas companies to comply with an Australian law – it would be similar to the problems the ACMA has in issuing take down notices to sites hosted overseas i.e. those sites don’t have to comply because they are outside of Australia’s jurisdiction. It would have to be through agreements I would imagine, but that brings in the issue of privacy laws in the other jurisdiction(s).
I don’t think the people advocating this care about these “details” though. They are too busy hyperventilating at the thought of all the new data that they will be able to sift through.
They are welcome to store my GPG encrypted email communications.
…and what will the mighty ASIC do if it gets all our stuff?
f..k up most of their prosecutions, make buddy/buddy deals with the banks, hit its miniscule number of successfully prosecuted vilains with pissant fines… and watch as fortress isp loses all of the data to hackers…
clowns to the left of us, jokers to the right, and the whole idiot circus run by incompetent f..ktards…
Not quite what you think, they are ktards with guns.
I love the way that ASIC want gestapo powers to go after human traders, but let high-frequency trading bots run rampant.
ASIC: We contribute to Australia’s economic reputation and wellbeing by ensuring that Australia’s financial markets are fair and transparent, supported by confident and informed investors and consumers.
HFT is now about 75% of the trades on the ASE (HeraldSun 21/9/12) and big investors are moving to off market trading systems (dark pools). The ASE is concerned about dark pools, nett loss against what they get from leasing server room space and HFT fees and has set up its own dark pool system.
By this measure it seems ASIC have already failed. It is interesting to note in a cart before the horse kind of way that the Canadian government is going after these off market trades (NYT 26/9/12) and ASIC is considering minimum order sizes ($25K-$50K) for the dark pools thereby forcing the little guy back into into the HFT corrupted trading space. Perhaps ASIC should update its website to reflect outcomes rather than intents and then come back and describe why everyone else should be a suspect.
Great post Bruce.
Can we all say “1984”???
if the amount of data that is transmitted over 2 years as stated above is done year after year etc. and doubles each year (including NBN) and ALL providers, doesn’t matter who runs the backbone of the net here in australia (optus, telstra etc…) I hate to think how MUCH data that would equate to, and most of all who has to pay for something we DON’T WANT!!! in the first place????
Us the taxpayers, we simply don’t want ANYTHING that resembles this or ANYTHING like it at all now or EVER!!
I don’t want it and I will NOT pay for it.
maybe a huge refuse to pay taxes protest is in order.
And when all data is compulsorily stored in the cloud will we be able call on the government for our backups?
Given all the recent high profile security mishaps around the world. How long could we expect to wait for a similar incident to occur given the value of this data.
What should worry people even more than data retention in the ability to track, and keep location data on, your mobile phone use.
Just imagine a completely innocent person who just happens to be in the vicinity of where some nasty thing has happened and has been tracked by his phone. Automatically “Guilty m’Lord” as he was there and we can show you his tracking details – meanwhile, wily criminal (who turned his phone off, or doesn’t take it with him) gets of scot free!
If you have too much data to play with then you can always find enough to prove anything.
It will be like the US trying to monitor al qaeda. Crims will just go back to the good old method of person to person, couriers and probably the odd stolen phone.
Sad thing is that the politicians are the biggest crooks out there and they don’t even show a modicum of remorse and get paid shit load for it..
I found this article to be particularly interesting when contrasted with the previous article on Assange.
Governments who want to watch but not be watched….
+1
ASIC can go f**k themselves. Just sayin’
I can not believe this.. wow.
All I can say.. it would probably be more secure living in China! and behind their wall…
Unsurprising Feature Creep… the very thing we always bat on about.
So why not the usual bile and name calling on this Labor proposal (metadata retention) or do you only save that for the Liberals position on the NBN? You treat this disgraceful proposal with kid gloves.
Lets look on the bright side, at least with the NBN they can spy on us all quicker.
Take your partisan hackery elsewhere.
You can hardly call the above responses to this as treating it “with kid gloves”.
And as for the NBN, it’s a tool, it’s not the mechanism by which the powers to surveil is granted. You may as well call Australia Post as a method where “they can spy on us” as well. Ridiculous.
The problem is no one has stepped up and ‘championed’ this as legislation, we have only the Federal Attorney-General’s Department to scream at so far, and I want to see the 2 major parties answer properly what they think of all this, labor or liberal I dont care which, anyone supporting this foolishness will not get my vote, they will go strait to the end of the damn vote form.
You obviously haven’t wondered why the Liberal front bench isn’t all over this….just sayin’
“Lets look on the bright side, at least with the NBN they can spy on us all quicker.”
You know what else? With the NBN we can defeat and circumvent these things EASIER and quicker too. yeah you really didn’t think that on through did you? durrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr.
+1 NBN.
I agree, but the trouble is that the Liberals are essentially a Corporatist party and not much better. John Howard took away a lot of Australian freedom, and it ain’t coming back under any Lib/Lab government in the future.
The Green’s presently stand up for freedom, but would they do that if they actually took power? Unlikely. Power corrupts, always has done.
If they really want to go ahead with this, they should implement a system whereby all data is copied to ASIC and let them worry about the storage and searching.
See how they go when it’s their problem
Very true.
Quite often with these sort of things, the agency wants the increased powers but doesn’t want the responsibility that goes with them.
Let’s see how committed they are to this cause and ask them to store all that data. Watch the backpedalling then.
Look up the Patriot Act in the US, this is going down the same path. The Patriot Act was invisioned after 9/11 because the people were scared and paraniod and thus was dreamt up by the idiot government (George W.) and the media as something to calm the idiot public. They used all the buzz words of the times “criminals” “terrorist” “pedophiles” in order to scare people who didn’t understand into giving up their freedoms and the people were happy to do so.
Anytime you see or hear the government use these words to promote anything, be wary, very wary as to the actual motive behind it. Then go out and educate everyone as to the true consequences of what will happen once this law gets passed.
People of Australia, following in the footsteps of the US is NOT a good thing, specially in this case.
Well put…
If you check the US a bit more closely, there wasn’t even really an act. They just did the wiretapping illegally, then issued pardons to all concerned. What they are discovering is that their economy depends on the rule of law, and such acts result in self-inflicted economic vandalism.
Bit of scope creep here.
Governments seem to love having fearful citizens, who will permit laws like this to be passed.
I was born and grew up in East Germany, before emigrating to Australia in the mid nineties.
I saw first hand what living under the Stasi was like, and I find this proposal truly scary.
April Fools Day already?
How this piece of gobsmacking stupidity of a thought bubble made its way into a JPC hearing is beyond me. Did the ASIC Commissioner also ask for a pony and an ice cream too, otherwise he’d take his bat and ball and go home?
We need more adults in charge. Someone give this fool a lollipop and show him the way to the nearest playground…
Comments are closed.