Tomorrow, Australia will enact the Telecommunications (Interception and Access) Data Retention Bill, otherwise known as mandatory metadata retention, joining the ranks of the world’s most oppressive nations with nearly unlimited surveillance power on their own citizens, including China, the UK and India. This day has been building for the last few years, as public indifference has allowed the Attorney-General to slowly put the pieces into place.
This law forces recording of our own citizen’s communications over phone calls, SMS’s and electronically (ie. the internet) for silent and warrantless access by a huge swath of government agencies, even the Tax Office, at their own discretion. Even simply disclosing that any information WAS accessed carries a two-year jail penalty, let alone what records were accessed. Few other countries have such draconian measures.
It’s a sad day for democracy and freedom, as this law was passed on the back of manufactured alarm over non-existent terrorist threats. Instead it WILL be used to pursue the interests of the MPAA/RIAA and other commercial rightsholders, as Australia has a very high piracy rate. Governments also love to remain in government, hoarding dirty laundry on key figures makes this much easier. Some countries, far more advanced than this one, are at the stage of reversing metadata collection, after realising how ineffective and dangerous it is, but we are still years behind.
The only people who the net will actually catch are those who are not remotely technically-savvy, in other words, the average citizen, not criminals or terrorists. The NSA’s grand scale metadata collection in the interests of anti-terrorism for the last 14 years has netted a grand total of ONE conviction related to terrorism, and that involved money laundering. Metadata collection is a front for blanket surveillance.
This new Australian law is intentionally vague, the financial and personal costs are immense, and the government has had an embarrassing history of blunders and security breaches when it comes to electronic records. However, it’s naive to assume that mass-scale collection of far more information does not also occur constantly behind the scenes, with or without legal allowance. Additionally, as far as I know, there is no requirement for ISPs to not use overseas cloud services to store this information, which is an amazing oversight.
I would advise everybody, if they haven’t already, to take whatever steps necessary to ensure they retain full control of the privacy of their own communications and information. See my privacy guides above for information and there are also plenty of guides and information around. It’s impossible to put the genie back in the bottle later.
I am very confident that within the next 1-2 years, one or more of three things will happen. There will be a large-scale exfiltration of records from the government/ISPs database. Such a concentration of personal information is a juicy target for commercial or governmental interests. Additionally, metadata access will be abused by lesser-willed government workers for salicious reasons (ie. spying on people they know). Finally, the scope of the collection will expand to allow commercial entities to access records (read: send out copyright infringement notices for downloads).