[LINK] Brandis rushes to release telco metadata for civil proceedings

Frank O'Connor francisoconnor3 at bigpond.com
Thu Dec 22 16:58:49 AEDT 2016


G’day Christian,

> On 22 Dec 2016, at 2:46 pm, Christian Heinrich <christian.heinrich at cmlh.id.au> wrote:
> 
> Frank,
> 
> On Thu, Dec 22, 2016 at 10:16 AM, Frank O'Connor
> <francisoconnor3 at bigpond.com> wrote:
>> At the moment, very few Australian Internet users take advantage of secure proxy
>> services (like TOR), or strongly encrypted IP tunnelling (through a plethora of private
>> VPN’s), or other application based (secure e-mail, routine browser based SSL connections,
>> software update applications, gaming, proprietary - e.g.Apple, Windows etc etc -
>> applications and protocols et alia) point-to-point encryption measures … but the proposal to
>> make the already collected metadata available to non-government third parties for
>> civil litigation (and possibly other purposes in future? Perhaps later on you could sell the
>> data to the highest bidder?) will no doubt see an explosion of traffic on these high level
>> encryption and data security services.
> 
> I still doubt there will be a significant uptake of encrypted services
> based on the usage data published since 2014.

Don’t know about that. Prior to 2014, and even early last year, VPN’s and other security software had pretty average front ends and GUI’s, were fairly technical to set up, impacted heavily on network performance (both in throughput and latency), were relatively expensive ($10-$20 per month), and didn’t offer access to the complete range of protocols that the current ones do automatically.

In essence, it’s now pretty easy for a neophyte to download some pretty user friendly client software (usable across multiple platforms), achieve very acceptable performance levels (although latency is still a bit of a problem), at a very minimal stipend (I’ve seen some VPN providers offering services at less than $20 per annum). And they now pretty much cover the field as to the support they offer for TCP/IP protocols and applications, usually with large numbers of high performance servers in multiple network and geographic (and political) locations that are user selectable on a session basis depending on what the user plans to do.

> 
> Also, I am aware that
> http://www.austlii.edu.au/au/legis/cth/consol_act/ca191482/s3la.html
> has compelled a person in Victoria to release their SSH Private Key to
> an interstate host already so these types of technical controls are
> less effective now.

With VPN and proxy services the user has no idea what the key is. That is simply allocated by the server on a per-session basis … at the time of establishing the tunnelled (and heavily encrypted) connection/socket.

> 
> On Thu, Dec 22, 2016 at 10:16 AM, Frank O'Connor
> <francisoconnor3 at bigpond.com> wrote:
>> See: http://www.zdnet.com/article/brandis-rushes-to-release-telco-metadata-for-civil-proceedings/
> 
> The consultation is to consider the extension proposed by the
> Parliamentary Joint Committee on Intelligence and Security (PJCIS)
> such as "family law proceedings involving violence or international
> child abduction cases" to quote ZDNet and driven by the jurisdiction
> issues when serving subpoenas overseas.

I have problems with this, as well as with most other conceivable third party, non-governemnt, uses for the metadata (collected by telcos) that the government wants to provide to said third parties. And aside from this, there are any number of other potential CIVIL litigants. Hell, I even have some doubts about the the use the government will put said metadata to.

I’m not saying lock the data up … but I think the government should stick with its indemnities and guarantees of 2014 and 2015, made when it wanted to get the legislation passed, that it now seems to want to abandon … willy nilly. (Which is why I mentioned selling the metadata in my submission … because a lot of it could be REALLY valuable to commercial concerns. I mean, is that the NEXT ‘relaxation’ of the rules?)

And data should only be available from the originators of same (the telcos), and only be available under warrant, subpoena or other court supervised order.

> 
> However, I don't doubt there will be submission(s) from rights
> holder(s) seeking extensions specific to copyright during this
> consultation too.

Oh, I think we can pretty much guarantee that. They seem to want to feed at the pot via grants … to publishing, film and music industries via public funds - some grants being in the 10’s of millions of taxpayer dollars for single projects, changes to the copyright and other IP legislation to extend copyright and IP beyond the limitations now in force, and any number of measures to see that they can continue to feed at a revenue stream long long long and longer after the death of the author, musician or film copyright holder has gone to meet their maker. Somebody really must explain that to me some day … especially given that the author, musician or film maker has signed away their rights on reprehensible unfair contracts … given the supposed purpose of copyright law.

That said, all the latest Australian Court precedents don’t really make litigation a viable option for rights holders hugely limiting their damages, the extent of their actions (can’t go on 'fishing expeditions' for example), forcing them to knuckle under to the Rule of Law and respect the rights of defendants, rigorously enforcing due process etc. etc.) so I don’t see it as much of a problem … unless of course the government’s stated intent came to be to reinforce their failing business model by enforcing same for the IP industries rather than requiring the IP industries to enforce their own damn copyright at their own damn cost.

The real issue for me is the government, selectively, becoming a party to civil proceedings between private citizens using data they have forcibly extracted from yet other third parties (the telcos). If they made the data freely available to anyone on request … no problem … but that is not their intention. If the data they provided also included metadata extracted from politicians sessions on the Internet. No problems. If it included metadata extracted from public servants and those being paid the government shilling, no problems.

But sadly, thats not gonna happen. 

One rule for us. One rule for them. 

The decision about whether to release the data will be political and bureaucratic.

The government should not become involved in civil litigation between independent third parties. The moment it does so it falls down on the side of one party or the other. And the moment it does that it contravenes so many provisions in the Judiciary Act, so many Rules of Evidence, and so many simple rules of fair play and procedure established for good reason through thousands of years of history - that it becomes a bad government.

And as I said in my submission, it also provides an incentive for the average bloke to seek to avoid the possibility of this happening, and take measures that would undoubtedly have undesirable effects on other government operations. And that makes the changes to the rules/regulations/laws even more reprehensible.

Just my 2 cents worth ...





More information about the Link mailing list