We forgot to tell you we were tapping your metadata

The Abbott government has reached the stage where it can’t take a trick, even with things that ought to be surefire winners for a conservative government. We saw this not long ago with the attack on dole bludgers. And it’s emerged again with the attempt to cover the retreat on Section 18C with new anti-terror measures (or, in the government’s telling the dumping of 18C to secure support for the anti-terror measures).

After the Brandis fiasco, the government wheeled out the chiefs of ASIO and the AFP to explain that there was nothing to worry about: police were already storing and searching our metadata on a massive scale (300 000 requests last year) and just wanted to ensure this continued.

Unfortunately, the environment has changed since the revelations made by Edward Snowden and others on the extensive (and, in aspiration, total) surveillance of communications by the US NSA. It seems likely that the end result of this will be a rolling back of the extreme surveillance powers grabbed by the authorities over the last decade.

And, while I’m at it, can we stop talking as if we are facing a massive existential crisis because of the threat of terrorism. For most of the 20th century we were threatened with invasion or nuclear annihilation, and we managed to maintain our liberties. We should do the same this time.

40 thoughts on “We forgot to tell you we were tapping your metadata

  1. John Quiggin :
    I’m still having trouble here. If I’m the operator of a dodgy site, wouldn’t I and my users benefit from wiping the access logs on a daily basis (or maybe weekly if you want to some kind of troubleshooting).

    Quite right! That’s one of the many ways this proposal is ineffective. On the other hand, consider the many monumental IT stuff-ups by organisations with massive IT budgets. So you never know…

    Even some of the popular VPN services have logs, which kind of defeats the purpose (I assume they want logs so they can detect clients sharing their account, etc.)

    On the other hand, some authorities (e.g. NSA) might do some “packet-sniffing” prior to taking down the baddies. This will show traffic between two IPs, regardless of any logging on the server side.

    On the other, other hand, many of my friends have access to my Wi-Fi when they come visit. Further, my WiFi connection might be open to the public, so it could be anyone in walking past, a neighbor, etc. So just because some traffic went between my IP and some baddies server, doesn’t mean it was me doing it.

    So this data might yield evidence, but certainly not proof.

    p.s. I’m using “baddies” here to describe the the government target. This might be a child porn ring (a favoured example of government spruikers). But it’s likely to include whistle-blowers like Wikileaks, or even journalists. In that case, the authorities might be more inclined to allow the service/journalist to continue, but just monitor traffic so they can pounce on a whistle-blower when and if it suits…

  2. @Rob

    I would add: as a general rule Google can’t have you extra-judicially killed, disappeared or held in indefinite detention without charge.

  3. Megan :
    @Rob
    I would add: as a general rule Google can’t have you extra-judicially killed, disappeared or held in indefinite detention without charge.

    haha! No not yet!

  4. Since this all come under “bone headed stupidity” allowance must be made for commenting. It seems to be that metadata presumes the existence of algorithms that can capture data relevant individual internet data en masse. Even if content can be tapped, it is more difficult to analyse, and often not as useful in terms of understanding behavior. Metadata can create a picture of the individual user, and raises issues of privacy. There is a divided between the age of the printing press and internet. A search warrant is irrelevant if the data has not been stored. Why should ISP be responsible for collecting and storing information, and who is to define what algorithm should be used? Who does the data belong to, who can use it for possible commercial and other possible purposes, and who can have access, and under what conditions? The fact that metadata is being collected does not make it right, legal, or a violation of privacy.

  5. If my understanding is correct, part of the plan is to compel ISPs to hold this information at their own expense. That does give rise to the interesting constitutional problem of whose property it is when the government compulsorily acquires it. They can’t argue that the ISP still has it and therefore nothing has been acquired, as that would seem to undermine the entire basis of copyright law (although IANAL).

    On anonymisers, the US government is reportedly trying to penetrate TOR and target users as suspects because they are using an anonymiser. So unless you can assure your anonymity as a user first, it may not be worth the effort.

  6. 2 tanners :
    If my understanding is correct, part of the plan is to compel ISPs to hold this information at their own expense. That does give rise to the interesting constitutional problem of whose property it is when the government compulsorily acquires it. They can’t argue that the ISP still has it and therefore nothing has been acquired, as that would seem to undermine the entire basis of copyright law (although IANAL).

    Most (if not all) business have to operate within some sort of regulatory boundary, which in most cases increase costs (that are normally passed onto the customer). E.g. banking, healthcare, even the local fish-and-chip shop (they have to pay for proper disposal of their frying oil).

    I don’t think the proposed data retention plan is different in that regard…

  7. My concern is the parallel discussions the government would be having wih ISPs on data retention for national security purposes and making ISPs more of a player in countering copyright infringement. As I understand it much of the metadata could be used for both purposes.

  8. @Rob

    All businesses should operate within regulatory boundaries, and I suspect that I am probably the most extreme on this forum in actually supporting the right of the state to scrutinise mail in all forms and other activities to prevent crime. The big BUT is that these powers need to be overseen by an independent judiciary and as I understand it this is what these laws propose to circumvent.

    The point I was making was that in forcing ISPs to keep what is clearly intellectual property and then demanding access to that property does not differ from demanding access to Fax TV’s Game of Thrones series (or come that, a digital version of Debbie Does Dallas). At best, the metadata belongs to the ISP who must be compensated, but in all likelihood the metadata belongs to the creator who must be both notified and compensated under the constitution. There is no right to prevention of acquisition and equally there is a constitutional guarantee of compensation. Again, IANAL but it would make for an entertaining High Court case.

  9. @2 tanners

    I am probably the most extreme on this forum in actually supporting the right of the state to scrutinise mail in all forms and other activities to prevent crime.

    I understand, and accept, your “BUT” (ie: oversight by an independent judiciary) – but….

    My great concern is with the concept of doing things to “prevent crime”. Sure, lock your doors to help prevent burglary and so on. But total surveillance and invasion of internet activity by the government – or its 5 eyes partners doing so and feeding it back to them filtered in a way to make it ‘legal’ – is something that I see less to do with crime prevention and more to do with silencing dissent.

    Using ASIO to detain, and deport, the non-violence protest activist Scott Parkin under Howard or using ASIO to spy on climate activists under the ALP are examples of the basis for such concern.

    I would be happy – with a proper court process etc.. – for all sorts of spying to be used in solving crimes, but less happy to give it a free pass for “prevention”.

  10. I got the “bold” a bit wrong there. I wanted to emphasize “solving” crimes as OK but “prevention” as dangerous.

    To “prevent” a crime you have to know that it is going to happen.

    To “know” it is going to happen you must have a reason.

    Suspicion is not good enough. The US is currently killing innocent people, including Australians, without any legal process based on something that is essentially an algorithm. They call it the “disposition matrix”.

    They often don’t even know who they’ve obliterated. It just “feels” right, because the minced person “fits” a category they have fallen into by meta-data: contacts, movements, numbers called, location, websites visited etc…

    I’m frankly terrified that my fellow Australians think this is quite OK.

  11. @Megan

    You got the bolding pretty right I thought. Yes, it is terrifying, the direction the US is headed. I just hope a relatively peaceful, democratic reversal of these US trends will be initiated by the US populace. That is the best we can hope for. Realistically, nobody outside the USA has any chance of modifying these US policies.

  12. 2 tanners :
    @Rob
    The point I was making was that in forcing ISPs to keep what is clearly intellectual property and then demanding access to that property does not differ from demanding access to Fax TV’s Game of Thrones series (or come that, a digital version of Debbie Does Dallas)….

    I don’t understand why my internet address would be considered intellectual property. Is the street address of my house intellectual property, and if not, how is it different to my internet address?

  13. kevin1 @ #2 wrote:

    Living in the shadow of nuclear Armageddon has been forgotten, though I remember in the early 80s, with Reagan’s Starwars fantasies and nuclear power more favoured, ’twas a scary time.

    We owe it to the late Lieutenant-Colonel Robert Bowman (1933-2013) for preventing nuclear war during the Reagan Years. Robert Bowman was Director of Advanced Space Programs Development for the U.S. Air Force in the Ford and Carter administrations, but had retired before Reagan was elected. Because he had retired before Reagan was elected, he was, unlike may he worked with, able to blow the whistle on plans of people in the Reagan administration to launch war. Had he not retired, he would have had to remain silent or risk imprisonment. Bowman toured the United States and gave speeches to packed meetings against the war plans and forced the Star-Warriors to back down.

    Robert Bowman tried to win preselection as Democratic Presidential Candidate in 2006 but was beaten by the rorts in the preselection system in Florida.

  14. (Second attempt. I forgot to put a “/’ in my second ‘blockquote’ tag, above. Please delete the above post, Professor Quiggin.

    kevin1 @ #2 wrote:

    Living in the shadow of nuclear Armageddon has been forgotten, though I remember in the early 80s, with Reagan’s Starwars fantasies and nuclear power more favoured, ’twas a scary time.

    We owe it to the late Lieutenant-Colonel Robert Bowman (1933-2013) for preventing nuclear war during the Reagan Years. Robert Bowman was Director of Advanced Space Programs Development for the U.S. Air Force in the Ford and Carter administrations, but had retired before Reagan was elected. Because he had retired before Reagan was elected, he was, unlike may he worked with, able to blow the whistle on plans of people in the Reagan administration to launch war. Had he not retired, he would have had to remain silent or risk imprisonment. Bowman toured the United States and gave speeches to packed meetings against the war plans and forced the Star-Warriors to back down.

    Robert Bowman tried to win preselection as Democratic Presidential Candidate in 2006 but was beaten by the rorts in the preselection system in Florida.

  15. @James

    There was no Presidential election in 2006. In 2006 Robert Bowman sought and won nomination as the Democratic candidate for the House of Representatives from Florida’s 15th Congressional District but was beaten in the general election by the incumbent Republican Dave Weldon.

    Your suggestions about the effects of his speeches on the subject of the so-called Strategic Defence Initiative: are they any more accurate? I don’t know.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s