Feeds

Aussies face 10 year browsing lock-up

Super store of emails, sites visited

Beginner's guide to SSL certificates

Anything Europe does, Australia would like to think it can do better – and when it comes to snooping on individual internet usage, Australia is determined to lead the way.

A report in ZDNet Australia this week reveals that the attorney-general's department has been holding discussions with industry on setting up an Australian data retention regime.

Such an approach would oblige ISPs to hold not only the private web browsing history of their subscribers, but also all emails sent by subscribers for a set period of time and to make both of these available to law enforcement agencies on request.

However, Australia is thinking of going much further than Europe: a period of up to ten years appears to be under consideration. This would dwarf the term set out by EU directive on this issue (pdf), which appears to be the model of choice, and which envisages such records being maintained for between six months and two years. It even beats the UK’s RIPA regime, which requires ISPs to hold records for 6 years.

At present, these plans are very much at the drawing board stage. In February of this year a Bill passed in the Australian Senate permitting ISPs to intercept traffic as part of "network protection activities". It is likely, however, that further legislation would be required in order to implement such far-ranging measures – and such a Bill is unlikely to be brought forward this side of the forthcoming Australian general election.

An official statement from the the attorney-general's department confirmed that it "has been looking at the European Directive on Data Retention, to consider whether such a regime is appropriate within Australia's law enforcement and security context.

"It has consulted broadly with the telecommunications industry."

According to Internet Industry Association (IIA) Chief Executive Officer Peter Coroneos the industry has been holding discussions with the attorney-general's department, but the IIA hasn't "seen any firm proposals yet from the government".

He said: "It's more along the lines of [the attorney-general's department asking] 'What do you see the issues being if we were to move to a position similar to the EU?'."

Electronic Frontier Australia (EFA) chair Colin Jacobs said the proposals were "a step too far".

"At some point data retention laws can be reasonable," he said, "but highly-personal information such as browsing history is a step too far. You can't treat everybody like a criminal. That would be like tapping people's phones before they are suspected of doing any crime."

For now, department officials are still talking. Critics have pointed out the difficulties for smaller ISPs of complying with such a move, but when it comes to policing the internet, the record of the Australian government to date suggests that practicality is not the highest priority.

According to one industry insider, the government once again has the dual threats of terrorists and paedophiles in its sights – and therefore we should expect further action on this issue. ®

Intelligent flash storage arrays

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.