Metadata, it’s all the rage these days among security organisations, even if those in charge don’t have the best understanding of what metadata actually is. Throwing a new spanner in the works — if there weren’t enough already — is the apparent inconsistent nature in which ISPs retain your internet activities, with some pitching your data after a couple of days.
This post was originally published on Gizmodo Australia.
Image: Olli Henze / Flickr, licensed under Creative Commons 2.0
However, on the extreme end, there are those who are “storing data for up to two years”, according to a story by the SMH’s David Wroe. Speaking with spokesperson from the Australian Federal Police, Wroe discovered that no one really follows any particular rules when it comes to data retention, with comments from Communications Alliance CEO John Stanton suggesting it’s better for companies to dump what they collect, rather than risk a run-in with the Privacy Act.
The mixed bag of metadata handling isn’t a simple complaint about administration, but that it can — and has — interfered with serious investigations. The article describes a situation where the AFP was forced to call it quits on a case where “an internet user who had said online that they planned to sexually assault a baby”:
In June last year, Interpol provided IP address details relating to the online comment to the AFP, but the suspect could not be identified because the Australian internet provider kept such metadata for a maximum of seven days.
The detrimental effects of lacklustre metadata retention are then emphasised by Attorney-General George Brandis:
“Both the AFP and ASIO have urgently advised me that inconsistent retention, and even unavailability, of this data is hampering investigations and, in some tragic cases, preventing perpetrators from being brought to justice,” Senator Brandis told Fairfax Media.
No one wants any government agency to have free access to their online activities, but on the other hand, it’s possible that information is recorded that could aid in catching truly bad people. It’s a gigantic grey area with no easy solution, but there has to be a middle ground.
Attorney-General George Brandis says metadata limits jeopardise criminal investigations [SMH]
Comments
3 responses to “Brandis, AFP Rue Lack Of Consistency In Data Retention Among Service Providers”
A surprising perspective from someone writing on a tech blog. The key issue is whether the sum of the benefits outweigh the sum of the harms. In the case of metadata, IMO the harms outweigh the benefits and this is yet one more step down the slippery slope.
If we were to take the view that all crime, including “thought crime” (i.e. crime that has not yet occurred), should be stamped out then you are heading down a path of increasingly tight restrictions on civil liberties. One could even argue that the internet as a whole should be shut down given the opportunities for corruption and exploitation that it provides.
There is no middle ground on a slippery slope.
Spying on people’s communications in the hope of identifying a person or persons planning a crime is an impossible task. Halfway-intelligent criminals will find plenty of ways of hiding their tracks and obscuring their communications. So the task for the intelligence agencies will just get harder and harder, and the returns less and less.
I think there are other agendas here, particularly around piracy and citizen sentiment. Piracy doesn’t need explaining, but what I call citizen sentiment is understanding what your citizens are thinking and saying about everything that’s going on in your country. That kind of information would give governments some very powerful tools to manipulate the populace.
Won’t someone please think of the children?!