Feeds

Telcos renew calls to limit metadata retention

ASIO boss “doesn't understand” says iiNet's Dalby

Providing a secure and efficient Helpdesk

Australian internet service provider (ISP) iiNet's chief regulatory officer Steve Dalby has (once again) come out swinging against proposals in Australia to introduce a mass data retention regime, telling a senate committee that the head of ASIO doesn't understand what law enforcement is asking for.

Dalby was addressing the Senate Committee reviewing the Telecommunications Interception Act.

After discussing what the ISP considers to be potentially onerous and intrusive metadata storage requirements (which iiNet has put at costing more than $AU80 million), Dalby criticised what he believes are widespread misconceptions about metadata collection – particularly that it would be easy to accomplish, and that collecting “just metadata” is no more intrusive than looking at envelopes rather than the letters in them.

Dalby reiterated statements (and, for that matter, articles) he's previously made regarding how revealing metadata is, saying that in the online environment, metadata is “pervasive and intrusive”.

“Metadata reveals more about the individual than the content itself,” Dalby added.

ASIO inspector-general David Irvine was singled out for particular attention by Dalby over remarks he made last week to the same inquiry.

“I don't think he understands or has had advice that makes it clear to him what he's asking of the industry”, Dalby said to the committee.

Dalby also criticised inconsistent government messaging about the metadata question: while public statements from law enforcement and the attorney-general's department (under various political masters) suggest that the amount of metadata sought for storage would be minimal, the confidential brief that carriers and ISPs received two years ago suggested a far more extensive regime is under consideration.

“The inconsistent and contradictory messaging from government sources is unhelpful,” Dalby said.

He also remarked that the widespread belief that “service providers routinely engage in data retention for their business purposes” is “seriously overstated”. For example, what an ISP might collect (such as data usage to enforce quotas) is far less than tracking URLs, source and destination IP addresses, e-mail headers and the like.

The presentation used by iiNet at the hearing is here.

$AUD500 million industry bill

Earlier in the day, AMTA – the Australian Mobile Telecommunications Association – pushed back against widespread reports that Australian carriers provide “cell dumps” or “tower dumps” to law enforcement.

Such “dumps” refer to agencies requesting that carriers record and provide all activity at a particular mobile phone base station, for a particular time, a practise that has caused controversy in the US.

AMTA's Chris Althaus said Australian carriers are more likely to respond to a request that stipulates an individual, based on the Telecommunications Interception Act and the Telecommunications Act.

Requests from agencies, Althaus said, generally ask for the location of a single individual handset.

“I understand that you do get requests sometime … you are asked to provide all the traffic that passed through that tower at that time?” asked committee chair Senator Scott Ludlam of the Greens.

“We request that agency to supply the handsets,” was the answer, “the telephone number of those handsets. We don't like the agencies fishing for information,” Althuas said. “We are very prescriptive in when we respond”.

AMTA and the Communications Alliance also put to the inquiry that the cost of industry-wide data retention would approach $AUD500 million.

The hawkish view of interception represented to the committee by former assistant secretary of the US Department of Homeland Security Stewart Baker, who said the right to privacy in America is a “bunch of peculiar laws”.

Baker said the failure to prevent terrorism is due to “an unholy alliance of business and privacy activists … making it very difficult even when you can see a disaster coming, to take action against that disaster.”

He also complained that Edward Snowden's leaks exposed US practises “in a fashion designed to create a bad reaction”. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
Scrapping the Human Rights Act: What about privacy and freedom of expression?
Justice minister's attack to destroy ability to challenge state
WHY did Sunday Mirror stoop to slurping selfies for smut sting?
Tabloid splashes, MP resigns - but there's a BIG copyright issue here
Google hits back at 'Dear Rupert' over search dominance claims
Choc Factory sniffs: 'We're not pirate-lovers - also, you publish The Sun'
EU to accuse Ireland of giving Apple an overly peachy tax deal – report
Probe expected to say single-digit rate was unlawful
Inequality increasing? BOLLOCKS! You heard me: 'Screw the 1%'
There's morality and then there's economics ...
While you queued for an iPhone 6, Apple's Cook sold shares worth $35m
Right before the stock took a 3.8% dive amid bent and broken mobe drama
4chan outraged by Emma Watson nudie photo leak SCAM
In the immortal words of Shaggy, it wasn't me us ... amirite?
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.