Feeds

Telcos renew calls to limit metadata retention

ASIO boss “doesn't understand” says iiNet's Dalby

Remote control for virtualized desktops

Australian internet service provider (ISP) iiNet's chief regulatory officer Steve Dalby has (once again) come out swinging against proposals in Australia to introduce a mass data retention regime, telling a senate committee that the head of ASIO doesn't understand what law enforcement is asking for.

Dalby was addressing the Senate Committee reviewing the Telecommunications Interception Act.

After discussing what the ISP considers to be potentially onerous and intrusive metadata storage requirements (which iiNet has put at costing more than $AU80 million), Dalby criticised what he believes are widespread misconceptions about metadata collection – particularly that it would be easy to accomplish, and that collecting “just metadata” is no more intrusive than looking at envelopes rather than the letters in them.

Dalby reiterated statements (and, for that matter, articles) he's previously made regarding how revealing metadata is, saying that in the online environment, metadata is “pervasive and intrusive”.

“Metadata reveals more about the individual than the content itself,” Dalby added.

ASIO inspector-general David Irvine was singled out for particular attention by Dalby over remarks he made last week to the same inquiry.

“I don't think he understands or has had advice that makes it clear to him what he's asking of the industry”, Dalby said to the committee.

Dalby also criticised inconsistent government messaging about the metadata question: while public statements from law enforcement and the attorney-general's department (under various political masters) suggest that the amount of metadata sought for storage would be minimal, the confidential brief that carriers and ISPs received two years ago suggested a far more extensive regime is under consideration.

“The inconsistent and contradictory messaging from government sources is unhelpful,” Dalby said.

He also remarked that the widespread belief that “service providers routinely engage in data retention for their business purposes” is “seriously overstated”. For example, what an ISP might collect (such as data usage to enforce quotas) is far less than tracking URLs, source and destination IP addresses, e-mail headers and the like.

The presentation used by iiNet at the hearing is here.

$AUD500 million industry bill

Earlier in the day, AMTA – the Australian Mobile Telecommunications Association – pushed back against widespread reports that Australian carriers provide “cell dumps” or “tower dumps” to law enforcement.

Such “dumps” refer to agencies requesting that carriers record and provide all activity at a particular mobile phone base station, for a particular time, a practise that has caused controversy in the US.

AMTA's Chris Althaus said Australian carriers are more likely to respond to a request that stipulates an individual, based on the Telecommunications Interception Act and the Telecommunications Act.

Requests from agencies, Althaus said, generally ask for the location of a single individual handset.

“I understand that you do get requests sometime … you are asked to provide all the traffic that passed through that tower at that time?” asked committee chair Senator Scott Ludlam of the Greens.

“We request that agency to supply the handsets,” was the answer, “the telephone number of those handsets. We don't like the agencies fishing for information,” Althuas said. “We are very prescriptive in when we respond”.

AMTA and the Communications Alliance also put to the inquiry that the cost of industry-wide data retention would approach $AUD500 million.

The hawkish view of interception represented to the committee by former assistant secretary of the US Department of Homeland Security Stewart Baker, who said the right to privacy in America is a “bunch of peculiar laws”.

Baker said the failure to prevent terrorism is due to “an unholy alliance of business and privacy activists … making it very difficult even when you can see a disaster coming, to take action against that disaster.”

He also complained that Edward Snowden's leaks exposed US practises “in a fashion designed to create a bad reaction”. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Megaupload overlord Kim Dotcom: The US HAS RADICALISED ME!
Now my lawyers have bailed 'cos I'm 'OFFICIALLY' BROKE
MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'
PM urged to 'prioritise issue' after Facebook hindsight find
BT said to have pulled patent-infringing boxes from DSL network
Take your license demand and stick it in your ASSIA
Right to be forgotten should apply to Google.com too: EU
And hey - no need to tell the website you've de-listed. That'll make it easier ...
Assange™ slumps back on Ecuador's sofa after detention appeal binned
Swedish court rules there's 'great risk' WikiLeaker will dodge prosecution
prev story

Whitepapers

Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.