[clug] The biggest mass surveillance scheme in Australian history

Scott Ferguson scott.ferguson.clug at gmail.com
Fri Feb 27 07:14:30 MST 2015

On 28/02/15 00:17, Bob Edwards wrote:
> On 27/02/15 23:01, Bryan Kilgallin wrote:
>> {Parliament’s Joint Committee on Intelligence and Security has ticked
>> off on the government’s proposed mass surveillance scheme, with some
>> minor amendments.
>> Once legislated, the scheme will require communications companies to log
>> and retain data about all customers’ usage of their services for two
>> years.}
>> http://www.crikey.com.au/2015/02/27/committee-recommends-data-retention-with-some-half-baked-protections/
> Without wanting to be seen to be supporting this in any way, one
> important difference between this scheme and PRISM is that each ISP
> keeps it's own customers (meta)data, whereas in the U.S. it was all
> being slurped up by the NSA into a single central govt. owned/controlled
> database.

Not just the US. Five-Eyes*1 (here too). Providing it for police is the
justification for being able to force ISPs to retain (in most cases they
do for their own purposes anyway) *and* hand over the metadata. Brandis
has two motivations - (neither of which is law enforcement):-

1. make 5Eyes work easier - metadata is the key to the existing bulkdata
collection. The metadata enables you to locate a needle in a haystack,
the point is in the needle (not it's location). (i.e. you connected to a
forbidden site - which your ISP already knows for billing purposes
unless you use a VPN or Tor, but 5Eyes (and some peering providers) do
stateful packet inspection... (BGPs compromised, likewise submarine

2. TPP, make it easier to prosecute "pirates" and protect the revenue
streams of those that back the parties (or attack the parties) - the
media giants. Political self-preservation to be expected by all parties
when they are actually in power.

*1. This is well documented, *not* tin-foil hat stuff.

*2. See the innocuously titled "Dugong Protection" legislation passed
late last year.

Note: the NSA "claimed" they "only" collected meta-data. Which is
meta-semantically true (a lie by omission). Their partners (England)
keep the bulk data, which they share on request to the partners*1. The
separation is (theoretically) partially to avoid having to lie to
Congress, and mainly to keep the status-quo in the tenuous ally arrangement.

*1 part of some of those "routine traffic stop" incidents?? (some 'are'
the result of commercial spyware).

> What this means is that the law-enforcement officers still need to ask
> a particular ISP to provide the (meta)data for a particular IP address.

or activity of an account holder (which IP addresses were they allocated
and when). I suspect you're referring to the specific instance of
alleged pirating (which only applies to *non*-business accounts).

What 'should' be happening is that the AFP 'should' get the funding
they're promised for internet related law enforcement*1, and *stop*
getting funding cuts. Ex-director MacGibbon has had plenty to say on
that subject (those currently employed are muzzled).

*1 like a small fraction of what's been frittered on the AHTCC website
(five years as a non-functioning website). Packer donated more to Family
First's campaign for internet censorship (to stop internet gambling)
than the AFP get allocated annually for chasing child pornographers.

> The ISPs can already legally keep this (meta)data for lengthy periods,
> but they don't want to (ie. have no need to).

*Except for billing and marketing purposes*. i.e. this is already a
necessary process for any ISP, though in many cases it just changes the
time period for which they retain the data.

Maybe it's changed in the last few years - but Telstra (and it's
subsidiary BigPond) already did/do this (1 year for billing, several for
marketing). If you have a business account and dispute your bill they
will provide you will a detailed list of connections and traffic - it's
a little more difficult to get it for consumer accounts.

Retaining it for the purposes of use as evidence is what cost the
smaller ISPs money - and making it possible to transfer it one
authorized request, as iinet has already pointed out.

> So this legislation is really about requiring the ISPs to retain the
> (meta)data for 2 years.

or, it's about requiring ISPs to hand it over. I'm only familiar with
Telstra practices but anecdotally I'm told it's common throughout the
industry (Vodafone etc).

Don't be surprised when that period is extended...

> I'm happier that the (meta)data is remaining distributed amongst the
> ISPs rather than being aggregated into a single Govt. database.

I'd be happier if it wasn't *only* the police that required a warrant.
I'd be especially happy if the complex data testers who process the
request had some way of verifying the email/phone call the initiates the
data transfer - the existing system doesn't provide that, the caller
simply quotes a warrant number, each magistrate/judge has their own
index of numbers.

> Of course, some U.S. Govt controlled private company will come along
> and offer to host the data on behalf of the ISPs for a dollar and they
> will find it hard to resist. Then all bets are off...

Which is my main complaint about Prism (and the other dozen of so bulk
data collection programs that feed Total Awareness and other programs) -
that it's already private companies collecting and processing that data
(e.g. Dell, Cisco).

> Bob Edwards.

Disclaimer - if I knew (I don't) the exact meaning of "serious crimes*1"
that constitutes grounds for requesting the metadata, or the exact
legislation - I'd be committing an offense revealing it.  Curiously
despite the details being known only to Brandis and a select few -
*both* major parties have agreed to it.

*1 I've read Brandis's statements - "including" is not a clear
definition of "serious crimes", it doesn't preclude whistle blowing,
investigative journalism, or legal privilege.

Like the TPP agreement I can think of *no good reason* why the details
should be secret, and not made public *before* the legislation is passed.

Kind regards

More information about the linux mailing list