Daily Bulletin


The Conversation

  • Written by Rick Sarre, Adjunct Professor of Law and Criminal Justice, University of South Australia
Revisiting metadata retention in light of the government’s push for new powers

The Minister for Law Enforcement and Cybersecurity, Angus Taylor, foreshadowed this week that the Turnbull government will continue to pursue new law-enforcement powers that would allow authorities access to encrypted digital data in the fight against terrorism, organised crime and online crime, such as cyber fraud and child exploitation.

To assess the worthiness of this pursuit, it is useful to review the developments in the past six years regarding the government-mandated collection and storage of mass electronic data, referred to as “metadata”.

Read more: Police want to read encrypted messages, but they already have significant power to access our data

Mass metadata collection

Metadata does not contain content. It is simply information about the digital links involved in communications, the location of the caller and receiver, the date and time of the calls, and the length of the conversation. It includes data pertaining to short messaging service (SMS) text messages, and the Internet Protocol (IP) addresses of users’ devices.

Twenty-one law enforcement agencies have been granted access to track and retain metadata. Given the ubiquity of smartphones and other portable devices, these agencies can find an enormously rich trail of information regarding users’ locations, calls and networks.

Metadata retention emerged as a potential strategy with the release in 2013 of the report of the Joint Committee on Intelligence and Security. The Committee noted that such a scheme would be of “significant utility” to national security agencies.

The government responded in due course. In October 2015 new laws came into force requiring telecommunications service providers to retain and store their metadata for two years so that it remained available for analysis.

The prime minister at the time, Tony Abbott, explained the decision thus:

To help combat terrorism at home and deter Australians from committing terrorist acts abroad, we need to ensure our security agencies are resourced properly and have the powers to respond to evolving threats and technological change.

The government sought to allay any concerns about executive “overreach” by giving a role to the Commonwealth Ombudsman to assess an agency’s compliance with its legislative mandate.

Concerns at the time

There were several other concerns raised at the time of the passage of the legislation. The key one was that it had the potential to erode the very democratic freedoms that governments are duty bound to protect, such as freedom of political association. It was pointed out that democracies such as France, Germany and Israel had not legislated for mass metadata collection.

Moreover, in addition to general privacy unease, there was a concern that there was no guarantee that our allies – when analysing Australian metadata – would preserve the privacy safeguards set out under Australian law.

Read more: Metadata and the law: what your smartphone really says about you

Hackles were again raised when, in April 2017, an Australian Federal Police operative sought and acquired the call records of an Australian journalist without a warrant.

The AFP Commissioner, Andrew Colvin, quickly acted to alert the media and to offer the opinion that there was no ill will or bad intent. While this assurance was comforting, the ease with which the access was obtained was, for observers, a problem.

It wasn’t future-proof

But the key fear was that the strategy, for its enormous cost — A$740 million over ten years — was not future-proof. Technologies that can hide from metadata collection are readily available and widely used.

Any encrypted messaging app — such as Wickr, Phantom Secure, Blackberry, WhatsApp, Tango, Threema and Viber — can circumvent data retention. Moreover, any secure drop system based on Tor is capable of evading metadata scrutiny too.

So that’s where Angus Taylor’s concerns are coming from.

He wants to find a way of compelling the telecommunications companies (telcos) to hand over encrypted data when his agencies suspect that communications are occurring in the pursuit of nefarious purposes.

Will this be through some form of commercial arrangement? Will it be via a threat to block services of non-compliant telcos? Will it involve embedding surveillance codes in devices? Will warrants be required in all cases? How much will it cost?

We won’t know until the legislation comes before the parliament. What we do know is that the process will not be easy.

Read more: Police want to read encrypted messages, but they already have significant power to access our data

We don’t know if these powers are effective

It is worth remembering that governments must ensure that no policy sacrifices our hard-fought liberties in the pursuit of an expensive goal that is not readily attainable.

Indeed, we don’t even know whether the current metadata laws are having the desired effect. Anecdotal evidence emerges from time to time from law enforcement agencies that they have disrupted serious threats, but there has been no actual evidence that the disruption was caused or aided by access to metadata because of the secrecy that shrouds issues of national security. It boils down to a case of “trust us”.

So it is virtually impossible for the public to assess whether the digital data collection by security agencies has been effective or necessary, or even what that collection actually involves. We can only hope that the debate over accessing and analysing encrypted services is a little more enlightening.

Authors: Rick Sarre, Adjunct Professor of Law and Criminal Justice, University of South Australia

Read more http://theconversation.com/revisiting-metadata-retention-in-light-of-the-governments-push-for-new-powers-97931

Writers Wanted

Top economists want JobSeeker boosted by $100+ per week and tied to wages

arrow_forward

Tricks and Accessories for Boosting Your Home Style

arrow_forward

The Conversation
INTERWEBS DIGITAL AGENCY

Politics

Prime Minister Interview with Ben Fordham, 2GB

BEN FORDHAM: Scott Morrison, good morning to you.    PRIME MINISTER: Good morning, Ben. How are you?    FORDHAM: Good. How many days have you got to go?   PRIME MINISTER: I've got another we...

Scott Morrison - avatar Scott Morrison

Prime Minister Interview with Kieran Gilbert, Sky News

KIERAN GILBERT: Kieran Gilbert here with you and the Prime Minister joins me. Prime Minister, thanks so much for your time.  PRIME MINISTER: G'day Kieran.  GILBERT: An assumption a vaccine is ...

Daily Bulletin - avatar Daily Bulletin

Did BLM Really Change the US Police Work?

The Black Lives Matter (BLM) movement has proven that the power of the state rests in the hands of the people it governs. Following the death of 46-year-old black American George Floyd in a case of ...

a Guest Writer - avatar a Guest Writer

Business News

Nisbets’ Collab with The Lobby is Showing the Sexy Side of Hospitality Supply

Hospitality supply services might not immediately make you think ‘sexy’. But when a barkeep in a moodily lit bar holds up the perfectly formed juniper gin balloon or catches the light in the edg...

The Atticism - avatar The Atticism

Buy Instagram Followers And Likes Now

Do you like to buy followers on Instagram? Just give a simple Google search on the internet, and there will be an abounding of seeking outcomes full of businesses offering such services. But, th...

News Co - avatar News Co

Cybersecurity data means nothing to business leaders without context

Top business leaders are starting to realise the widespread impact a cyberattack can have on a business. Unfortunately, according to a study by Forrester Consulting commissioned by Tenable, some...

Scott McKinnel, ANZ Country Manager, Tenable - avatar Scott McKinnel, ANZ Country Manager, Tenable



News Co Media Group

Content & Technology Connecting Global Audiences

More Information - Less Opinion