Feeds

Australia won't back away from data retention plan

Anonymous restive as A-G restates case for government data trove

Secure remote control for conventional and virtual desktops

Australia’s Attorney-General Nicola Roxon has re-stated the case for a European-style data retention regime, arguing that there’s no point bringing a knife to a gun fight when it comes to protecting Australia’s interests.

In a speech delivered to the 2012 Security in Government conference in Canberra today, Roxon quickly addressed the argument that it is dangerous for governments to hold a lot of information about their citizens, saying:

“We hold more information than ever before. This information is not only Government information but it is often personal information of Australian citizens. The responsibility we have to protect that information is immense. Because the information is now stored online it is also accessible to potentially more people within an agency – increasing the risk of insider threat.”

The Australian government is therefore “turning up the heat on our own systems to ensure we’re secure from insiders who might have the ability and access to threaten our national security.” That heating process is using a new “Protective Security Policy Framework” Roxon said has been “…specifically written with an eye on the online environment” and “marks an important shift from a compliance based model to a risk management approach, providing guidance on how to identify risks, as well as the controls needed to mitigate them.”

Her speech moved on to privacy and how it is, in her view, important “to strike a balance between ensuring we have the investigative tools needed to protect the community and individual privacy.”

That balance, she argues, can be achieved even under a regime that allows data retention, because it is such a useful investigative tool.

“Many investigations require law enforcement to build a picture of criminal activity over a period of time. Without data retention, this capability will be lost,” Roxon argued. “Many of you will recall the disturbing murder of Cabramatta MP John Newman in Sydney in 1994. Call charge records and cell tower information were instrumental in the investigation and subsequent conviction on Phuong Ngo (FONG NO). These records allowed police to reconstruct the crime scene.

She added that there has been plenty of attention paid to data retention laws, the consultation process that sparked the ire of Anonymous is just a consultation process and is being conducted in the open, which should quell fears about governments granting themselves unfettered power.

She then explained the Raison d'être for the data retention proposal and other reforms:

“We cannot live in a society where criminals and terrorists operate freely on the internet without fear of prosecution. We cannot allow technology to create a ‘safe haven’ for criminals, or a ‘no go’ zone for law enforcement.

But, this does not mean unfettered access to private data either.

What it does mean are carefully drafted, tested and oversighted national security laws – and this is what I’m focussed on delivering.”

Roxon signed off by pledging that “, I will focus on delivering the right checks and balances to ensure that national security powers are not abused and that the privacy of Australians is respected.”

The difficulty of achieving that level of security is, however, what Anonymous thought it had pointed out by revealing personal data found on a neglected server belonging to Australian telco AAPT. The Reg mentioned the contents of Roxon’s speech in an IRC channel frequented by entities who use the iconography and identity of Anonymous. The response indicated considerable displeasure and intent to again protest vigorously, in Anonymous’ particular fashion. ®

The essential guide to IT transformation

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Scale data protection with your virtual environment
To scale at the rate of virtualization growth, data protection solutions need to adopt new capabilities and simplify current features.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?