Greens senator Scott Ludlam has described ‘OzLog’ as having a “dodgy premise” which makes dangerous assumptions about the public all being criminals.
OzLog, the term given to proposals of data retention by the government, could lead to internet service providers (ISPs) storing users’ browsing history and giving intelligence agencies access to that data.
Last week attorney-general Nicola Roxon said she had referred the matter to the joint intelligence committee. The potential data retention matter is part of reforms into four pieces of legislation, including the Telecommunications (Interception and Access) Act 1979; the Telecommunications Act 1997; the Australian Security Intelligence Organisation Act 1979; and the Intelligence Services Act 2001.
Ludlam told Computerworld Australia the more he hears about the proposals for data retention, the less he likes it.
“I think the concept is flawed ... it makes a number of rather dangerous assumptions. One of [them] being that we’re all dangerous criminals and all our personal information is to be recorded in perpetuity so that we can be prosecuted later on,” Ludlam said.
“I think that’s a rather dodgy premise. The second dodgy premise is that it’s going to be technologically even feasible to do that, and I suspect we’ll hear a lot more from the telcos and the ISPs about just how impractical it’s going to be to do it well.
“I think it raises massive privacy implications and it also seems to be based on an assumption that just because this data is there and just because it can be potentially trapped and mined later, that government agencies should do that. So I don’t think it’s been very well thought through.”
Stored information could also be potentially abused and misused, according to critics of the proposals, and opens a Pandora’s box of potential privacy implications. The stored information could also be subject to data breaches.
“We’ve already seen big data breaches at companies that should know better, like Sony, for example ... or the US state department, for example, is in control of a quarter of a million confidential cables. Once these datasets are there, it creates a new and unique vulnerability for it to be misused,” Ludlam said.
Instead of retaining the data of the entire population, Ludlam said a more feasible and just proposal could be retaining the data of named individuals, which is actually part of a proposal to the cybercrime bill which has passed the House of Representatives but is yet to be put to the Senate.
This type of bill, which targets the individual and does not treat everyone as a suspect, Ludlam said, would allow the federal police to issue warrants to ISPs to retain an individual’s information until they see fit.
“That, to me, is more targeted. It’s more easily justifiable, I think. It would still need to be surrounded with proper safeguards, but at least then it’s not treating the entire population as suspects,” he said.
While the terms of any data retention bill has been largely unknown, Ludlam said it is still too early to say how likely the government will be to move ahead with reforms. However, he has commended Roxon for putting it up for public consultation, which will allow ISPs, civil libertarian groups and concerned privacy groups to voice their opinion.
Following the public consultation, Ludlam said “we’ll have to see whether the government takes concerns seriously. But I think those concerns will be raised loud and clear”.
He believes the introduction of draft legislation, if it were to go ahead, is still a year or more away.
In the meantime, Ludlam has advised people to follow the issue closely and participate in debate over the topic.
“I would invite people to track this really closely. Use the ozlog hashtag on Twitter to keep abreast of the discussion and make sure that your views are known," he said.
“The attorney-general has stated that she wants consultation – let’s serve some up.”
Follow Stephanie McDonald on Twitter: @stephmcdonald0
Follow Computerworld Australia on Twitter: @ComputerworldAU
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.