2 year ISP data retention policy

[Otto-matic]

Surprised nobody has posted about this yet
http://www.smh.com.au/technology/techno ... 25amz.html

Essentially from my reading the plan is to make ISPs keep 2 years worth of data on all trackable online activities of their users such as browsing logs and email.

Personally I'm against it for a few reasons
1. Security breaches happen. If a hacker or even a disgruntled employee got in they would have a wealth of personal and sensitive information to cause havoc with. There is also the chance that they could pollute the data with false entries and get others in trouble.
2. It assumes that everyone is guilty of something by removing their right to privacy. I would be OK if this was required for anyone under investigation for a crime, but the current system seems to indicate that everyone is under suspicion of committing a crime. AFAIK the police require a warrant to wiretap somebody's phone or to put surveillance equipment on their home / car, I fail to see how tracking all of their online transactions and correspondence is any different.
3. Costs involved will hit the end user whether it is funded through taxpayer dollars or from increased ISP charges. Hooray for them charging me money to make sure I'm a good boy.
4. If someone actually wanted to hide what they were doing because they know it's illegal, it's not particularly hard to set up a VPN or similar. This law would create extra attention on these evasion measures meaning actual criminals are more likely to use them.

[Yurtles]

It's perfectly understandable why law enforcement would be pushing for something like this, it'd make their jobs a lot, lot easier. What's not understandable is why the governement would ever be considering servicing the police's desires at the expense of the people.

[Ashigaru]

I'm not a fan of this...

[SaNE]

It is amazing how quickly the AG flipped her stance...

[Sathias]

It is amazing how quickly the AG flipped her stance...

And that is has been one of the few topics where there has been bipartisanship between the two parties

[Mekon]

Yeah, it's a load of ****...

One of the points made in that article that really resonates with me is that it really throws out the concept of "innocent until proven guilty" - everyone is a suspect and needs to be monitored.

[Sathias]

One of the points made in that article that really resonates with me is that it really throws out the concept of "innocent until proven guilty" - everyone is a suspect and needs to be monitored.

I don't know I'd agree with that conclusion. If the police want to find out who you have had phone conversations with, they can subpoena the phone company and get a list of your calls. By the same token, that would also have to be considered "monitoring".

I don't like the policy because I feel it has a huge potential to be abused, will be easily bypassed by those with something to hide and has potential to be hacked, but I don't know I'd go so far as to say it destroys the presumption of innocence.

[SaNE]

That's the whole thing, they can already get this data as long as they have a warrant to 'tap' your browsing.
So instead of having cause to get the data, they (whoever they are) will just collect it and then use it how they see fit.

Who the hell are they going to trust with 2 years of everyone's data?
Why was there a sudden flip from the AG?
Why can't they just get a warrant when they have cause?

Something doesn't smell right. The sad thing is that if it does get introduced, it's going to be abused and it's going to be leaked.

[Otto-matic]

It's getting through pretty quietly too it would seem. Then again the media industry are also pushing for it.

[Mekon]

I don't know I'd agree with that conclusion. If the police want to find out who you have had phone conversations with, they can subpoena the phone company and get a list of your calls. By the same token, that would also have to be considered "monitoring".

And to get a subpoena, they have to show cause, ie. have reasonable grounds. This is default monitoring of conversations - the equivalent of phone tapping (which as far as I understand, has a far greater burden of "proof"), done on a universal basis.

It's getting through pretty quietly too it would seem. Then again the media industry are also pushing for it.

The vast majority of what passes for reporters in this country aren't worthy of the name. Crikey have been following this for a while now, very few other sources have been.

[Jez]

One of the points made in that article that really resonates with me is that it really throws out the concept of "innocent until proven guilty" - everyone is a suspect and needs to be monitored.

I don't know I'd agree with that conclusion. If the police want to find out who you have had phone conversations with, they can subpoena the phone company and get a list of your calls. By the same token, that would also have to be considered "monitoring".

I don't like the policy because I feel it has a huge potential to be abused, will be easily bypassed by those with something to hide and has potential to be hacked, but I don't know I'd go so far as to say it destroys the presumption of innocence.

I'm not sure you can compare phone records to this more explicit kind of monitoring. This is more like the state placing a tap on everybody's telephone line that records every conversation, or the state opening everybody's mail as it is sent and received. I do think there is a tendency for the older generation (ie parliament) to try and regulate the hell out of new technologies and new mediums that they don't really understand, so the hue and cry on this kind of is limited by that technological factor. Unfortunately I think if it does pass it will be extremely difficult to repeal due to the bipartisan nature of the support and general political inertia.

I also think another huge risk they're taking here is the fact that having a huge database of customer information is going to be very expensive/risky for ISPs. Suddenly they've got this 2 year database of everything every client has done, and they've got to keep it secure from hackers and unscrupulous employees. The various hacking scandals of the past few years have revealed that even companies that practice good habits when it comes to online security (ie Valve) are vulnerable to hacking, so I can't imagine that Australian ISPs will be exempt. How vulnerable would a customer's email address and password be in this kind of system? How about their bank or credit card information? Certainly I think this potential vulnerability gives everyone (and not just criminals) a good reason to want to circumvent any monitoring system as much as possible.

[Mearehear]

"Echelon" has been enough to give people privacy concerns and start conspiracy theories, and that is only based on keyword linking (or like, whatever ) which is nothing compared to what this data retention will do.

Years ago Yahoo (I think it was yahoo) released a whole heap of their search engine records with search "users" only being referred to as numbers. But from this data a journalist (my memory may be lacking as to who did it) used the search data of one of these user "numbers" to figure out the identity and address of person behind this supposedly anonymous data. The person was an old lady who had no idea that at all that her personal searches were not private and actually saved by yahoo, let alone released publicly.

To think they can now legislate the retention of basically everything we do for any period of time is truly a worrying prospect. We all know they cannot 100% safe guard the information (wikileaks is proof governments can't protect their own information) , nor can they 100% be sure it won't be used against us in ways they have not yet thought of.

The move to make the Internet a governed space is happening.

Sent from my GT-S5830T using Tapatalk 2

[Chucky]

A great read from Steve Dalby (Chief Regulatory Officer for iiNet)

http://blog.iinet.net.au/data-retention ... -suspects/

[matthewdev]

Otto-Matic, all excellent points. I'm with you all the way. Their seems to be very little reasonable justification for the whole idea. I worry about how easy it would be for all this information to be misused.

[Otto-matic]

Looks like an FOI request for the draft legislation has been denied. That's always encouraging that they are working in the public interest
http://delimiter.com.au/2012/10/10/govt ... ion-bills/