Australia won't back away from data retention plan
Anonymous restive as A-G restates case for government data trove
Australia’s Attorney-General Nicola Roxon has re-stated the case for a European-style data retention regime, arguing that there’s no point bringing a knife to a gun fight when it comes to protecting Australia’s interests.
In a speech delivered to the 2012 Security in Government conference in Canberra today, Roxon quickly addressed the argument that it is dangerous for governments to hold a lot of information about their citizens, saying:
“We hold more information than ever before. This information is not only Government information but it is often personal information of Australian citizens. The responsibility we have to protect that information is immense. Because the information is now stored online it is also accessible to potentially more people within an agency – increasing the risk of insider threat.”
The Australian government is therefore “turning up the heat on our own systems to ensure we’re secure from insiders who might have the ability and access to threaten our national security.” That heating process is using a new “Protective Security Policy Framework” Roxon said has been “…specifically written with an eye on the online environment” and “marks an important shift from a compliance based model to a risk management approach, providing guidance on how to identify risks, as well as the controls needed to mitigate them.”
Her speech moved on to privacy and how it is, in her view, important “to strike a balance between ensuring we have the investigative tools needed to protect the community and individual privacy.”
That balance, she argues, can be achieved even under a regime that allows data retention, because it is such a useful investigative tool.
“Many investigations require law enforcement to build a picture of criminal activity over a period of time. Without data retention, this capability will be lost,” Roxon argued. “Many of you will recall the disturbing murder of Cabramatta MP John Newman in Sydney in 1994. Call charge records and cell tower information were instrumental in the investigation and subsequent conviction on Phuong Ngo (FONG NO). These records allowed police to reconstruct the crime scene.
She added that there has been plenty of attention paid to data retention laws, the consultation process that sparked the ire of Anonymous is just a consultation process and is being conducted in the open, which should quell fears about governments granting themselves unfettered power.
She then explained the Raison d'être for the data retention proposal and other reforms:
“We cannot live in a society where criminals and terrorists operate freely on the internet without fear of prosecution. We cannot allow technology to create a ‘safe haven’ for criminals, or a ‘no go’ zone for law enforcement.
But, this does not mean unfettered access to private data either.
What it does mean are carefully drafted, tested and oversighted national security laws – and this is what I’m focussed on delivering.”
Roxon signed off by pledging that “, I will focus on delivering the right checks and balances to ensure that national security powers are not abused and that the privacy of Australians is respected.”
The difficulty of achieving that level of security is, however, what Anonymous thought it had pointed out by revealing personal data found on a neglected server belonging to Australian telco AAPT. The Reg mentioned the contents of Roxon’s speech in an IRC channel frequented by entities who use the iconography and identity of Anonymous. The response indicated considerable displeasure and intent to again protest vigorously, in Anonymous’ particular fashion. ®
"We cannot live in a society where criminals and terrorists operate freely on the internet without fear of prosecution."
So the best way to stop "terrorists" is to create a big cache of data on every citizen that can be reviewed whenever a suspicion arises? Reminds me of German history: the Stasi created extensive files on every possible dissident (= most citizens) to ensure that they would have the data to catch possible terrorists and / or inconvenient activist. Of course, they had to invest a little more work to collect the data, since their citizens were less prone to reveal their lives on the internet. Now we move on to Stasi 2.0 with somewhat modernized tools.
Now, that the communist systems have failed, the free democracies have lost their motivation to maintain individual freedom. There is no more bad guy to offer a dissuasive example for us, there is no comparison to tell us when we cross the line to a surveillance society. But the comparison to German history makes me wonder where all those highly trained surveillance officers from the Stasi found their new job.
Ooh, and Mrs. Roxon offered a classic tell to illustrate the disconnect between her desire to supervision and the real threats for society: Her example for the terrorist threat is the murder of a politician in 1994. No major atrocities since that date? Sounds like a fairly safe society to me.
A couple of points...
AFAIK the law states that ISPs should retain data for two years. That is outside of any protection the government can provide, so her context about risk management is wrong.
Today it was on the news that a child sex ring had been busted. The online communications were tracked, and connections with users in America were found. American authorities were alerted, and both Australians and Americans were arrested. So, if that is possible now, tell me again why we need data retention laws?
As many have said, It is already possible to communicate in secret on the internet.
These laws do not strike a fair and proper balance.
I have been looking at this topic for some time, have come to the conclusion the 'public' will lose, and therefore would simply suggest that VPN becomes the defacto communications means. The problem I have is that when I used VPN to download I lost 50% of my bandwidth. I am also not fully clear on how to establish a reliable, permanent VPN for my entire family network, particularly without losing so much bandwidth.
So, Reg Readers/Authors, - how about a lesson on establishing permanent, simple to use VPN for the entire household, assuming some form of permanent (DSL) internet connection, and NAT firewall. In my case, thats 4 users, 2-3 devices each, all living on one house with a permanent hi-speed connection. The solution has to cater for browsing, email, on-line games and downloads. Also, services such as iTunes movies, Netflix etc...
Mac OS X and Windows 7 users...