Data retention may well be a valuable resource for fighting serious crime and terrorism, but not when anyone who decides to be a terrorist can also decide to evade the whole system by using Gmail.
(this post appears in The Conversation and is expanded upon here to offer new details – and a bit more emotion)
The purpose and implementation of the Australian government's proposed metadata retention scheme are making less and less sense – but the political knives are coming out to get it passed. So what’s going on?
Last week the Prime Minister of Australia explicitly used the “you’re with us or with the pedophiles” argument to push the legislation ahead. However, the bill as written and explained in committee suggests it’s laughably easy for criminals to ‘opt out’ of data collection, while the rest of Australians still have their communications spied on, retained for two years, and kept in commercial data centres at taxpayers’ expense with no assurances of security.
Further, as written, the bill’s worth as a tool to specifically fight terrorism, or any other serious crime, seems dubious. Anyone in Australia can easily ‘opt out’ of having their data retained simply by choosing any internet messaging service where the persons operating the service do not own or operate “in Australia, infrastructure that enables” that service.
So what does that mean for the apps commonly used on smartphones today?
WhatsApp, the popular mobile messaging app with 700 million users, around 10% of whom come from the Middle East, and Viber, a similar app with 20 million users in Pakistan alone, are both excluded from data retention. These are some of the apps that David Cameron recently mused about banning in the UK.
According to answers given by Australian Attorney General’s (AG) department staff during the Senate Legal and Constitutional Affairs Reference Committee, the ‘in Australia’ provision also means that even Gmail is excluded.
With all these reports of what the bill leaves out or doesn’t do, no one seems to acknowledge what is actually in the draft bill, and how that language might affect policing, government, and privacy. The bill, good for nothing, bad for most things, presents a bit of a puzzle.
The second explanation suggests that Australia is carrying out its obligations as a member of the five-eyes network of English-speaking intelligence partners (you remember POMs right?).
In this scenario, instead of the expensive “collect it all” mentality of the NSA under Gen. K Alexander, Australia’s AG department is pushing the political costs of data-retention schemes onto Australian corporations.
The logic here is that it makes economic and political sense to have Australian Internet service providers such as Telstra and iiNet retain what’s theirs, rather than have the NSA hoover it up via a special collection service. Then, once data is stacked up in Telstra for two years, it becomes easier to institute backdoor access when the five-eyes require a peek. Not that the NSA and its partners are doing that anymore, right?? Nothing to see here comrade, move along.
The third explanation is more plausible, but is worse for Australians. It suggests that, contrary to the PM’s politicking, the data to be retained is not valued by the government for its national security or anti-child abuse value.
Instead, Australians are spied on for data that will become valuable for other state functions including the expanded reach of civil litigation. This includes “normal” policing, civil subpoenas, and even copyright disputes.
So, let’s detail why, while the first explanation might be plausible, it hides serious security and privacy concerns that expose how data retention will affect Australians in their everyday life.
Under proposed paragraph 187A(4)(b), the retention obligation is explicitly expressed to exclude the retention of destination web address identifiers, such as destination Internet Protocol (IP) addresses or uniform resource locators (URLs).
Fine. What are we talking about then?
It’s all about the destination
What the government does seem to be after is “destination” data that basically amounts to an assortment of ‘dummy’ variables that help identify you, and who you are communicating with. Instead of IP addresses or webpages, they are interested in retaining email accounts, Skype handles, phone numbers, etc. for the connections you have made.
This information can then assist with determining the subscribers who sent or received relevant communications.
That is to say, who you’re talking to online, not where you went.
The government’s “destination” is in many ways more invasive than IP addresses or web URLs alone. For instance, think about how each person in Australia connects to the IP address 188.8.131.52. That’s Facebook.com. Retaining the metadata of time spent at that address would not produce much actionable intelligence on you or the other 8 million Australians who browse Facebook each day. Nor would it be all that invasive to privacy.
“Destination” data is different. “Destination” data seeks to capture who, specifically, you’re spending time with online; who is the destination that you are messaging through email, Skype, or possibly even Facebook’s real-time apps and services?
Think of it this way: two ‘destinations’ pass data through the same communications service at a series of very specific times, again, again and again. No other two ‘destinations’ share this unique pattern of time and connection.
Analysing how these ‘destinations’ link together with other metadata (eg. geo-location, device type/operating system, etc.) allows the government – or anyone else who snoops in on the retained data – to predict, for instance, that these communications were yours, and whether you targeted them to, let’s say, your spouse, or an “old friend” across town. And whether you meet up with that person from time to time. And where. And for how long.
Geolocation data alone is incredibly powerful when we all carry devices that connect to the internet in our pockets. And the Australian press is just starting to understand how powerful metadata is.
Retaining all of that metadata provides an incredible amount of information for civil litigants who can ask for it through a subpoena. As a former iiNet lawyer wrote:
The Data Retention Bill does not impose any limitation on access to the retained data by other legal avenues. This means there’s nothing stopping your ex-husband, your employer, the tax office or a bank using a subpoena to get access to that data if it is relevant to a court case.
All this data also creates a very valuable target for hackers, including ‘adversarial intelligence agencies’ trying to infiltrate your identity, ransom you for your secrets, or run some form of economic espionage.
I hope Australian service providers can keep all the data safe once they’ve accumulated two years’ worth of intimate connections for each Australian who uses any sort of telecommunications device.
This leaves the current idea of ‘Made in Australia’ data retention a seemingly disproportional mix of intrusion and risk, for minimal gain.
The need for such blanket spying on Australians who may or may not have committed crimes, or may or may not be thinking of doing so, seems drastically oversold, while the consequences to privacy and the potential for abuse are very real.
For more erudite commentary on Australia’s data retention, check out the work done by my colleagues at the EFA.
Image: CC-BY-SA-3.0. (Original text : National Australia Day Council)