[LINK] Data Retention bill sort of explained
jwhit at janwhitaker.com
Sat Nov 1 13:20:28 AEDT 2014
[I have a question: if IP addresses are being stored as metadata, isn't an IP address assigned even for a VPN so the ISP can make the link to the VPN? although I do see that a VPN connection on my computer is separate from my LAN connection, so maybe not. Tech explanation, please.]
Metadata and data retention changes explained
Published: October 31, 2014 - 4:48PM
The Abbott government introduced legislation for a mandatory data retention scheme into Parliament on Thursday requiring telecommunications companies to keep metadata logs pertaining to your email, internet, mobile and landline use.
If the bill passes into law, the data will be held by telcos for up to two years, available for law-enforcement and intelligence agencies to access.
What does it mean to the average law-abiding citizen?
Who you called, who called you, both party's location and the duration of your calls will be stored for two years, and potentially accessed without a warrant.
It also applies to email but not to which websites you access online. Only the IP address allocated to your modem by your internet provider will be stored so that law enforcement can figure out suspects' involvement in cyber attacks, child exploitation, terrorism activity and other crimes.
There were more than half a million metadata disclosures in the 2012-13 financial year relating to more than 330,000 authorisations by government agencies. Whether your records were accessed is a secret, even if it was discovered you hadn't committed a crime.
Can data retention be circumvented?
Yes. With the use of what's called a virtual private network, or VPN, people are able to prevent their internet metadata being stored by their internet service provider (ISP).
A VPN encrypts all internet traffic between a user and the server that is providing them with internet access.
VPNs vary in their cost but can be purchased for less than $5 a month. The Tor Browser, which provides anonymity via a different way, is free but can be very slow as it relies on an encrypted communications network run by volunteers interested in privacy.
Camouflaging phone access is harder, requiring the use of a service overseas that isn't subject to data retention legislation. The use of a voice-over IP (VoIP) provider like Skype in combination with a VPN is possible, although law-enforcement can still access the data stored on Skype's servers with a warrant and assistance from US police, which is why some people sign up as "Mickey Mouse" and use prepaid gift cards purchased with cash at newsagents to not tie their identity to the account.
Some have argued storing every citizens' metadata will likely result in more innocent people having all their data stored rather than hardcore criminals, who are known to use VPNs.
What has this got to do with piracy?
The government is not after those who illicitly downloaded movies and TV shows, according to Communications Minister Malcolm Turnbull.
But requiring internet providers to store IP address will mean copyright holders will be able to use the courts to try to obtain access to this data. They could then use this to sue individuals for copyright infringement. The studio behind Dallas Buyers Club is currently trying to get iiNet and other ISPs to handover details of customers it alleges downloaded the movie illicitly. .
It was able to obtain these IP address by monitoring torrent files on peer-to-peer networks and noting down IP addresses that downloaded unauthorised copies.
Will there be an 'internet tax'?
Storing large volumes of customer metadata for two years will require data warehouses, which some telcos like iiNet have estimated would cost $60 million to set up.
These estimations were based on also storing URLs customers accessed , which will now not be required. The cost is likely to be less, but by how much is unknown.
The government has committed to paying substantial set up costs with taxpayers' money. Other costs such as power for data centres if required, may have to be passed on to consumers.
Some have labelled this direct or indirect costs a surveillance tax.
Where will the data be stored and will it be secured properly?
Questions remain over what obligations will be placed on telcos to secure data properly.
There is no data breach notification scheme in Australia so, if data is hacked your internet or phone company does not have to tell you about it.
Fines of up to $1.1 million can apply, but that's only if the federal Privacy Commissioner investigates a breach.
Mr Turnbull says new legislation will be introduced that will deal with the storage of the data.
When will the legislation become effective?
It is unlikely to pass until next year and even then telcos will have up to 18 months to comply. The Labor party is seeking to scrutinise the bill before a committee in the meantime.
Is the bill likely to pass?
Labor has traditionally shown bipartisan support for national security legislation and indeed began the data retention regime review while it was in power. So even with opposition from crossbenchers, the bill is likely to pass after the Parliamentary Joint Committee on Intelligence and Security examines it.
Are there any good safeguards introduced by the bill?
Yes. Right now local councils, the RSPCA, Australia Post and other agencies not typically considered law-enforcement authorities can access your metadata. If the new bill passes in its current form they will no longer be able to access it without approval from the Attorney-General.. The Attorney-General will be required to consider a range of criteria, including whether the agency is subject to a binding privacy scheme.
Bankstown Council, which uses metadata to track down those who illegally dump, told Fairfax Media it was "analysing the legislation and considering whether to make a submission" to the Joint Committee.
The Commonwealth Ombudsman will have oversight over metadata access, but this is only after metadata requests are made.
Does data retention work?
Other countries have ruled data retention unconstitutional but the Australian government says it has taken into account suggestions made by courts overseas that have overturned the legislation.
This story was found at: http://www.theage.com.au/digital-life/consumer-security/metadata-and-data-retention-changes-explained-20141031-11euov.html
"Lost Anchors" - Now available on Amazon in both print and Kindle versions.
Ebook : <http://mybook.to/lostanchors>myBook.to/lostanchors
Melbourne, Victoria, Australia
jwhit at janwhitaker.com
"On A Life's Edge" -
US Amazon print and digital http://viewBook.at/OALEdge
Apple iTunes: https://itunes.apple.com/au/book/on-a-lifes-edge/id893736824?mt=11
Sooner or later, I hate to break it to you, you're gonna die, so how do you fill in the space between here and there? It's yours. Seize your space.
~Margaret Atwood, writer
_ __________________ _
More information about the Link