Ludlam: government paying "lip service" on data retention proposals
- 24 July, 2012 12:16
Greens senator Scott Ludlam has continued to stand by his claims that Federal Government proposals for data retention should not be passed.
A parliamentary joint committee on intelligence and security is currently carrying out an inquiry to consider proposals for reforms for telecommunications interception, telecommunications sector security and Australian intelligence community legislation.
One of the most contentious aspects of the proposals includes "tailored data retention periods for up to two years for parts of a data set", with every internet users' entire web history logged and stored for up to two years.
Ludlam has been a fierce opponent of proposed data retention laws, previously calling it a ”dodgy premise”.
Now that the terms of reference for the inquiry have been released, Ludlam said he is still against it and the government has not seriously considered the privacy implications of the proposals.
“[The government] say they’re looking to strike a balance between people’s privacy and the ability of spy agencies to surviel people, but they haven’t even attempted to strike that balance,” he told Computerworld Australia.
“It’s curious that they would try and pay it lip service while actually totally violating the principles of privacy."
Ludlam’s main contention is that the blanket coverage of the measures could potentially put every citizen under surveillance.
“Once you go down this rabbit hole, it takes you somewhere I don’t think we really want to go and I don’t think they’ve thought through the implications of that,” Ludlam said.
“…if [the government has] thought through the implications and the government still thinks this is a good idea, then we’ve got a very, very serious problem.”
The technical feasibility of the proposal is also questionable, according to Ludlam. For example, how data will be matched, stored and verified if it is required in a court and how it will be protected from being leaked?
“As soon as you’ve got all this material being stored, you create quite a valuable data set ... The government and various commercial entities don’t have a fantastic record of keeping people’s private material safe and we’re creating really valuable data sets,” Ludlam said.
While he believes there is some justification for introducing security laws to keep pace with technology, Ludlam asserted intelligence agencies need to seek access to surveil citizens through judicial processes.
“That creates a due process that can be challenged in court if it’s abused and it also creates a presumption that people won’t be surveilled and what these proposals coming from the attorney-general do is turn that absolutely upside down,” Ludlam said.
The inquiry will also address proposals which place obligations on the telco industry to protect their networks from unauthorised interference.
While Ludlam said he doesn’t completely disagree with the premise that commercial networks should be safe, he said ISPs in Australia are probably safer than some government servers, with providers unlikely to take kindly to being told how to run their networks.
Providers could also be lumped with the costs involved with data retention, with the terms of reference including “targeted powers for government to mitigate and remediate security risks with the costs to be borne by providers”.
Ultimately, the cost to providers will ultimately be passed onto consumers, Ludlam said.
“Now keep in mind that’s not just your internet service provider. It’s your mobile phone company, it’s your bank, it’s probably Skype … any service at all that has any footprint online ... So they’ll have to pass through those costs if that’s what the law says they have to do,” he said.
The deadline for submissions has recently been extended to Monday, 20 August, 2012, with the committee made up of Labor and Liberal members and one independent – Andrew Wilkie. Ludlam said it will be the first time he has made a submission to a parliamentary inquiry.
“This is a pretty serious deal. In my experience of these things, once these powers are in place they are very, very difficult to roll back, so we need to take really serious care before we let this go through,” Ludlam said.
Follow Stephanie McDonald on Twitter: @stephmcdonald0
Follow Computerworld Australia on Twitter: @ComputerworldAU
Take part in the Computerworld conversation: LinkedIn: Computerworld Australia
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Why change management doesn’t work
Larry Page wants to see your medical records
Dual-Persona Smartphones Not a BYOD Panacea
After two-year hiatus, EFF accepts bitcoin donations again
CIOs struggle to deliver timely mobile business apps: survey
Customer Success - Slater & Gordon Lawyers
Lawyers work hard, and they work fast. Any activity that takes their focus away from the task at hand represents lost productivity and lost revenue. Slater & Gordon Lawyers needed to filter spam and email-borne malware and provide high availability for email. Results from the business solution they chose include 250 hours of IT staff time reclaimed annually for other tasks, long delays in email delivery alleviated, reduced email-related storage costs, and email failover to the cloud in minutes, avoiding hours-long outages. Find out how they got these results.
Deploying Flash in the Enterprise
Flash is quickly emerging as the preferred way to overcome the nagging performance limitations of hard disk drives. However, because flash comes at a significant price premium, outright replacement of HDDs with flash only makes sense in situations in which capacity requirements are relatively small and performance requirements are high. Learn how deployment approaches-including hybrid storage arrays, server flash, and all-flash arrays-that combine the performance of flash with the capacity of HDDs can be cost effective for a broad range of performance requirements.
Detecting APT Activity with Network Traffic Analysis
Today’s successful targeted attacks use a combination of social engineering, malware, and backdoor activities. This research paper will discuss how advanced detection techniques can be used to identify malware command-and control (C&C) communications related to these attacks, illustrating how even the most high-profile and successful attacks of the past few years could have been discovered.