[LINK] Senate committee probes AGD's data retention activities
Rick Welykochy
rick at praxis.com.au
Mon Nov 1 19:26:02 AEDT 2010
rene wrote:
> Also, re what is "telecommunications data" my recollection is that in about
> 2007, AG dept told a Sen Comm (IIRC in response to questions raised by I
> think EFA) that in AG Dept staff opinion "telecommunications data" does not
> include the subject line of an email message which they reckoned would be
> "content" and therefore require a warrant under the TIAA, but things like
> that are not clear in the TIAA about about what is or not "data". My
> recollection is, however, that certainly almost everything else in the
> headers of email would be "data".
So "telecommunications data" is perhaps what we in IT would call metadata.
Hairs are being split, aren't they. Certain parts of a header are data
and certain parts are content. I challenge a legislator to make the
correct distinctions between the two in the headers for all existing
and future communications protocols. Or leave to the courts and legal
precedence to sort out. *Quelle* legal minefield.
> Similarly there were questions raised in 2007 about whether a URL is "data"
> or "content", and I don't think there was ever any response that did
> anything to clarify/shed any light that issue/question.
An HTTP URL (and many others) can contain private data, what one could
call content, in the parameter section. And in certain cases that private
data can even be part of the URL's pathname. This is because private data
can be tacked on to the end of, say, a script name, and is call PATH_INFO
by the Common Gateway Interface (CGI).
fictitious examples:
http://nowhere.com/content/script.cgi/user/private/data?r=abc&acct=123456789
......<---host---> <------path------> <--content--><------parameters------->
Very fine hairs are being split unless everything in the URL after
the host is considered sacrosanct and private content.
And of course there is a data: scheme, in which the URL itself contains
all the data within itself:
data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAA...
In the above case everything after "base64," is private content. In the
case of a mailto: URL, everything after the ? is private content:
mailto:jsmith at example.co?subject=Test&body=PrivateStuff
Over at <http://en.wikipedia.org/wiki/URI_scheme> I counted about
70 official URI schemes and more unofficial such. Each has its
own privacy and content vs data implications. For the legislator's
consideration. Or the court's future headaches.
cheers
rickw
--
Rick Welykochy || Praxis Services
When choosing between two evils, I always like to take the one I haven't tried before.
-- Mae West
More information about the Link
mailing list