Proposed security reforms to hold customer internet data for two years

Lauren Gillen

INTERNET service providers (ISP) and telecommunications companies could be forced to automatically retain customer internet usage data for two years, according to online activists and privacy advocates.Computer image AAP1

In July the Attorney-General’s office released a discussion paper titled “Equipping Australia against emerging and evolving threats”, which contained proposed reforms to Australia’s national security and counter terrorism legislation.

At the request of the Attorney-General’s office, the Parliamentary Joint Committee on Intelligence and Security (PJCIS) is currently considering the proposals.

They include “expanding the basis of interception activities”, allowing ASIO to use force to take control of third party computers if they need it to gain entry to a “target” computer and the interception of user interactions on social networking sites.

Most controversially the paper asks the committee to consider “data retention periods for up to two years”.

The Attorney-General’s office said urgent law reform was required to meet the challenges posed by new technology.

Jon Lawrence, the executive officer of Electronic Frontiers, a national organisation representing internet users concerned with online freedoms and rights, said some of the more than 40 proposals being considered amounted “to a very significant increase of surveillance powers”.

“There are no strong arguments as to why they need these broad sweeping powers to essentially engage in surveillance of the whole community,” Mr Lawrence said.

He said if all the proposals in the discussion papers became law, authorities like ASIO would have similar power to the secret police in Iran and China.

Mr Lawrence also said retained data would be vulnerable to security breaches.

“It will mean a massive source of data will be obtainable to hackers to breach,” he said.

In July self-proclaimed members of the hacker group Anonymous published customer information they stole from Australian ISP AAPT, in protest against the data retention proposal and to highlight the vulnerability of stored data.

“There is also the enormous cost for ISPs who work with very low margins,” Mr Lawrence said.

“They will be forced to pass those cost on to consumers.”

The paper also proposes to extend its current “interception regime” to social networking sites like Facebook and Twitter.

This would give authorities the power to track users’ movements on the social networking sites.

Mr Lawrence said a Twitter transparency report showed only 10 requests from the Australia government to access user data over a six month period.

“There is no massive demand that justifies giving ASIO blanket access to everyone’s Twitter account,” he said.

The Attorney-General’s office said the discussion papers aimed to equip law enforcement and intelligence agencies with “contemporary skills and technologies, backed by necessary powers”.

The office said any new powers would be coupled with the “appropriate checks and balances and oversight mechanisms society rightly demands”.

International Human Rights Advocacy director and Human Rights Law Centre lawyer Ben Schokman said there was no evidence that justified the proposed reforms.

Mr Schokman said he was not opposed to “streamlining and making Australia’s national security system more effective”, but said the “lack of details contained in the discussion paper to justify the needs to any of the reforms” was concerning.

“What needs to be examined is whether or not those laws are necessary and if they represent reasonable and proportional limitations on all of our rights,” he said.

“Ever since 9/11 there has been a slow and gradual erosion of people’s rights.

“We are seeing a move away from [a] targeted approach based on reasonable suspicion of individuals undertaking suspicious activity and movement towards a discriminative approach, which catches everyone,” Mr Schokham said.

Mr Schokham said he feared a situation where security agencies could trawl information looking for evidence.

“Indiscriminate collection of private information of individuals makes everyone a suspect,” he said.

The government has already acted to extend authorities like ASIO and the Australian Federal Police’s reach into cyberspace.

In August, the Cybercrime Legislation Amendment Bill passed the Federal Senate.

The legislation can force ISP and communication carriers to monitor and store website use and data exchanges, but only at the request of authorities who must obtain a warrant.

Up to 100 other nations are undertaking similar reviews to strengthen their legislation and fall in line with the convention.

Leave a Reply