1. What concerns me is that there response is similar to the response I received from Optus about this issue on twitter last week.

    Hi Martin, any stored data is done in accordance with our legal obligations under Australian Law – Matt

    We’ve seen what can be construed to be legal obligations with all the S313 requests. If an agency comes to them and claims that it is reasonable for them to comply they don’t seem to question it.

    I don’t trust any of them.

  2. Would the logging/storage of user data not be done directly by Aus gov agencies as with direct fibre taps etc? This would make what Telstra is saying plausible though somewhat misleading.

    • Yep, could well be the case.

      Ordinary law enforcement jobs may involve asking the ISP to collect data, which of course they will do with a warrant. This should go without saying.

      If it’s a national security / intelligence mob doing the investigating, it’s unlikely they actually need any cooperation from the ISP as they have the tools to intercept regardless.

  3. >”unless required to do so.”

    Which therefore makes the denial meaningless. We already know that s313 places substantial and very vague obligations on carriers.

    Telstra’s poor history in this regard creates a fundamental trust issue. The cloud (no pun intended) hanging over them, and over the LENSAs, can only be cleared by having a parliamentary enquiry with a full public disclosure over the scope of their activities.

    One important issue that remains unresolved is: what is metadata?

    How much of an email that either passes through Telstra’s network or is handed to Telstra for onward delivery is metadata and how much is content?

    How much of a web request that either passes through Telstra’s network or is intercepted by Telstra (transparent proxy) is metadata and how much is content?

    The definition of metadata was created in the telephone era. It is fine for telephone calls placed over the PSTN. The definition is inadequate in the internet era.

  4. Telstra moved there email to US based servers a year or so ago. They dont have to log anything the NSA will do it for them.

  5. They might not collect this data for law enforcement unless they have to, but they do collect it for their own use..
    I was at a presentation at the Oracle offices in Melbourne a few years ago where a Telstra guy was talking about “Big Data” and how awesome it was for marketing, one example he used was the potential to market a new mobile plan to a home phone customer who uses their home phone to call a competitors prepaid recharge line.

    If they can use this kind of billing metadata for marketing, what’s to stop them marketing to you based on your web history, calling patterns, mobile locations etc.

    • I would say to start with that the number you call is an inherent part of billing the service. Usage is not charge in this way, just by session so they would be collecting and storing information for no purpose. Sees like something some exec would come along and say “waste if money, cut it”.

  6. Simple question to Telstra: Did they install a system from Gigamon or not?

    If so, why?

Comments are closed.