[LINK] Government could demand Web history

Sat Jun 12 22:07:15 AEST 2010

Note: "and they don't want to have to apply to a court to get it."


http://www.theage.com.au/technology/technology-news/big-brother-wants-all-your-bits-and-bytes-20100611-y3p3.html

> Big brother wants all your bits and bytes
> DYLAN WELCH June 12, 2010
> THE federal government wants your personal internet data, and they  
> don't want to have to apply to a court to get it.
>
> Revelations that the federal government wants Australia's 400-odd  
> internet service providers (ISPs) to log and retain customers'  web  
> browsing data, so law enforcement can access it during criminal  
> cases, have sparked alarm in the industry.
>
> Currently law enforcement needs court-approved search warrants  
> before they can record someone's personal data via their ISP. The  
> proposed regulation would mean companies would be forced to store  
> certain information for several years just in case it was later  
> needed.
>
> ''Once you store that information you increase the risk of abuse,''  
> a source who works for an ISP said.
>
> ''We can put our hands on our hearts and say we're good guys and we  
> don't do anything wrong, but can we say that of every other player  
> in the market?'' the source said. ''Compliance would be a big  
> question.''
>
> The proposed regulation was broached with industry late last year  
> during consultations with the Attorney-General's Department and is  
> believed to still be in its early stages.
>
> The spokesman for internet rights group Electronic Frontiers  
> Australia, Geordie Guy, said it was ironic that the government was  
> trying to encourage ISPs to retain data at the same time that it was  
> chastising Google for doing a similar thing.
>
> ''The Attorney-General's Department has instructed the AFP to look  
> at Google and their conduct in terms of sniffing wireless data … how  
> they can expect to have any credibility when they are looking at  
> instructing ISPs to do exactly the same thing, I'm not sure,'' Mr  
> Guy said.
>
> The government's plans were revealed yesterday in an article by  
> online tech magazine ZDNet.com.au.
>
> Australia is not the first country to consider compulsory data  
> retention for its ISPs, and in 2006 the European Union adopted a  
> policy that required some states to retain data for between six and  
> 24 months.
>
> The Attorney-General's Department yesterday confirmed in a statement  
> it was looking at the new regulation.
>
> ''The Attorney-General's Department has been looking at the European  
> Directive on Data Retention, to consider whether such a regime is  
> appropriate within Australia's law enforcement and security context.''
>
> A spokesman for the Attorney-General, Robert McClelland, denied they  
> would be looking to capture browsing history or data within  emails.
>
> ''The consultations relate to the information to identify the  
> participants in crime networks and terrorist organisations,'' he  
> said. ''It does not include the content of a communication.''
>


http://apcmag.com/govt-may-record-users-web-history-email-data.htm

> BREAKING: Govt wants access to your emails, browsing history
>
> Renai LeMay11 June 2010, 2:32 PM
> The Fed Govt is considering forcing Australian ISPs to retain data  
> on how Australian citizens are using the internet, such as their  
> sent and received email and browsing history.
>
> The Federal Government has confirmed it is considering a policy  
> requiring Australian internet providers to retain precise data on  
> how their users are using the internet, with the potential to  
> include information on emails sent and — reportedly — their web  
> browsing history.
>
> “The Attorney-General’s Department has been looking at the European  
> Directive on Data Retention, to consider whether such a regime is  
> appropriate within Australia’s law enforcement and security  
> context,” a spokesperson for the department confirmed via email  
> today. “It has consulted broadly with the telecommunications  
> industry.”
>
> The spokesperson’s confirmation was also contained in a report by  
> ZDNet.com.au (which broke this story), which stated that ISP  
> industry sources had flagged the potential for the new regime to  
> require ISPs to record each internet address (also known as URL)  
> that an internet user visited.
>
> APC has contacted spokespeople from major ISPs such as Telstra,  
> Optus, iiNet, Internode and Adam Internet to ask for a response on  
> the matter, as well as the Internet Industry Association, a group  
> which represents the ISPs. The office Communications Minister  
> Stephen Conroy and the office of Attorney-General Robert McLelland  
> have also been contacted for comment on the matter.
>
> The European Directive on Data Retention (2006) requires  
> communications providers to retain a number of categories of data  
> relating to their users.
>
> Broadly speaking, they must retain data necessary to trace and  
> identify the source, destination, date, type, time and duration of  
> communications — and even what communication equipment is being used  
> by customers and the location of mobile transmissions.
>
> According to the directive, where internet access is concerned, this  
> means the ISPs must retain the user ID of users, email addresses of  
> senders and recipients of email, the date and time that users logged  
> on and off from a service, and their IP address — whether dynamic or  
> static applied to their user ID.
>
> For telephone conversations, this means the number from which calls  
> were placed and the number that received the call, the owner of the  
> telephone service and similar data such as the time and date of the  
> call’s commencement and completion. For mobile phone numbers,  
> geographic location data would also be included.
>
> The EU directive requires that no data regarding the content of  
> communications be included, however, and it has directives regarding  
> privacy, including the fact that data would be retained for periods  
> of not less than six months and not more than two years from the  
> date of the communication.
>
> Any data collected is to be destroyed at the end of that period.


-- 
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request