Data Retention Rules Go Into Effect Down Under, But No One's Sure What's Going On

from the but-here's-how-to-avoid-them dept

Wed, Oct 14th 2015 3:21am — Mike Masnick

As we reported earlier this year, Australia put in place a ridiculous data retention law that requires ISPs to store all sorts of information on users just in case the government would like to snoop through it. The main force behind the law, Attorney General George Brandis, is so clueless that he clearly did not understand the details when he was quizzed about it. Here's a brief excerpt from an interview he did last year:

Brandis: Well, what we'll be able... what the security agencies want to know... to be retained... is the... is the electronic address of the website that the web user is visiting.

Host: So it does tell you the website.

Brandis: Well... well... it tells you the address of the website.

Host: That's the website, isn't it? It tells you what website you've been to.

Brandis: Well, when... when you visit a website you... you know, people browse from one thing to the next and... and... that browsing history won't be retained or... or... or... there won't be any capacity to access that.

Host: Excuse my confusion here, but if you are retaining the web address, you are retaining the website, aren't you?

Brandis: Well... the... every website has an electronic address, right?

Host: And that's recorded.

Brandis: And... um... whether there's a connection... when a connection is made between one computer terminal and a web address, that fact and the time of the connection, and the duration of the connection, is what we mean by metadata, in that context.

Host: But... that is... telling you... where... I've been on the web.

Brandis: Well, it... it... it... it... it... it... it records what web... what at... what electronic web address has been accessed.

Host: I don't see the difference between that and what website I've visited.

Brandis: Well, when you go to a website, commonly, you will go from one web page to another, from one link to another to another, within that website. That's not what we're interested in.

As of the beginning of this week, that law is now in effect. And... it sounds like the implementation is going just about as cleanly as you might imagine given Brandis' statements above. A report from ITNews in Australia suggests that the Attorney General's office is a complete mess, and ISPs aren't at all sure what they're supposed to be doing right now. Yes, the law requires many to start collecting lots of information, but smaller ISPs can apply to the Attorney General for exemptions or extended timelines for implementation, and it appears many of them have (of course, the Attorney General's office refuses to reveal how many). ITNews surveyed a bunch of ISPs, with many saying they had sent in a "data retention implementation plan (DRIP)" that would allow them to delay implementation -- but the majority of them hadn't heard anything back, so they have no idea if their plan was accepted or not:

Around 58 percent of Comms Alliance survey respondents said they had submitted a DRIP to the AGD, while 23 percent more said they would soon. Just 19 percent said they had not.

However, a staggering 76 percent of those that had submitted a DRIP claimed they had not yet heard back from the AGD as to whether it had been approved.

A total of 9 percent had received approved DRIPs, and around 14 percent said final approval was still pending

Gee, it almost sounds like Brandis' office is dealing with a bit of information overload and doesn't know how to deal with it. Doesn't that seem like a great situation to now add much more data to? Meanwhile, this whole scheme -- of which there is no evidence that it will be even remotely useful -- is going to cost everyone hundreds of millions of dollars. The government is paying for some of it (meaning taxpayer funds) while expecting the rest to be covered by increasing ISP fees. In short: everyone in Australia now has to pay lots more money for an incompetent government agency to more easily spy on them. How nice.

It seems like the only sensible response has come from Senator Scott Ludlam, who fought hard against the data retention plan. He's now telling people to encrypt their data and to use VPNs and Tor to hide from the government.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: australia, data retention, drip, george brandis, isps

27 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Anonymous Coward, 14 Oct 2015 @ 3:53am

please clearly specify in engieering terms exactly what do isps have to deliver to the spy wannabe hovernment???
r/ we just want the needle
[ link to this | view in chronology ]
- Alan, 14 Oct 2015 @ 4:14am
  
  Re:
  Thats why i got PureVPN to hide my original ISP
  [ link to this | view in chronology ]
Stephen, 14 Oct 2015 @ 4:07am

"Telcos confused and unprepared for new data retention laws"
Here's a link to a better description of the confusion, one less filled confusing with jargon and acronyms:

http://www.smh.com.au/federal-politics/political-news/telcos-confused-and-unprepared-for-ne w-data-retention-laws-20151012-gk6zq1.html

The first two paragraphs summarise the situation:
Fewer than one in five Australian telecommunications companies say they are ready to store all the information required under Australia's new data retention laws, which officially come into force on Tuesday [13 October 2015].

Most major providers do not expect to fully comply with the scheme – which requires them to store Australians' "metadata" for two years – for another 18 months. Almost a year after legislation was introduced into Parliament, telecommunications companies say they remain confused about how the scheme will work and how much of the cost will be passed on to consumers.
In short, more than 80% of Australian Telcos are not yet ready and it will be a couple more years before they will be.
[ link to this | view in chronology ]
- Anonymous Coward, 14 Oct 2015 @ 5:56am
  
  Re: "Telcos confused and unprepared for new data retention laws"
  Whatehv's...
  
  The only expense that the providers are confused about is how much their goobermint will allow them to transfer costs to the consumer.
  
  Will they allow 100% or hopefully 200% of the cost? This is a decision that has their execs sitting up at night.
  
  Be it a tax, regulatory expense, or thin air, businesses do not and will not ever pay a dime in tax, the only one that pays any tax in society is the citizen because they have no mechanism in which to increase or lower cost of a product they sell to compensate for them. They either get more or less for their money.
  
  People are such tools, they complain about government corruption all the while voting in that very corrupt every time they hit the polls.
  
  The People always get the government they deserve!
  [ link to this | view in chronology ]
vanadylum (profile), 14 Oct 2015 @ 4:28am

http://i.imgur.com/xVyoSl.jpg
[ link to this | view in chronology ]
Anonymous Coward, 14 Oct 2015 @ 4:46am

He's now telling people to encrypt their data and to use VPNs and Tor to hide from the government.

That is not necessarily good advice, as if only a few people do so, they will attract attention to the fact that they are trying to hide from the government. The likely result is attracting the attention of the spy agencies.
Expanding the use of HTTPS, hides everybody equally, taking extra steps identifies a person as deliberately hiding from the government.
[ link to this | view in chronology ]
- Anonymous Coward, 14 Oct 2015 @ 5:20am
  
  Re:
  It doesn't matter what kind of encryption people use because they are spied regardless.
  [ link to this | view in chronology ]
- Anonymous Coward, 14 Oct 2015 @ 5:58am
  
  Re:
  HTTPS is not, repeat, NOT, a panacea. Yes, it encrypts data on the wire, however it does not conceal IP connectivity information. Thus someone at 1.2.3.4 using a web browser to talk to a server at 5.6.7.8 may choose to encrypt that conversation via HTTPS, but anyone monitoring any of (a) a router on the CPE (customer premises equipment) side of 1.2.3.4 (b) a router on the server side or the web server itself or (c) a transit router which happens to be in the path between the two endpoints will be able to record that a connection was established, which ports were in use, and the timestamp associated with it.
  
  Yes, this is "only" metadata. But I hope that anyone who has been reading anything about metadata for the last couple of years realizes that it's incredibly important metadata.
  [ link to this | view in chronology ]
  - Anonymous Coward, 14 Oct 2015 @ 6:43am
    
    Re: Re:
    I was pointing out that the advice is close to,
    "Will all those who do not want the government to monitor tyhem please stand up, so that we can set the spies to breaking into your machines."
    [ link to this | view in chronology ]
- Jeremy2020 (profile), 14 Oct 2015 @ 10:13am
  
  Re:
  This is faulty logic. If you don't do anything because not "everyone" is doing it out of concern that it may bring more attention to you then nothing would ever get done.
  [ link to this | view in chronology ]
- peter, 14 Oct 2015 @ 11:10am
  
  Re:
  Set the scene. I am a non-paedo/terrorist/crim. I do not have a criminal record, I do my best to obey the law and have no plans to bring down the government.
  
  So the government decides that they wish to know what websites I visit and who I speak to. Ok, as far as I can see they are doing this for 3 reasons
  
  1. They are doing it 'for my own good'. For the life fo me I cannot think of anything they can possible do make my life better by spying on me. So scratch that.
  
  2. They are doing to catch terrorists/paedos/criminals. But I am none of them, so no information they can gather from spying on me can help them, so scratch that as well.
  
  3. They are doing it just in case, one day, there might gather some information that they can use against me for their own purposes. Remote, but since I cannot think of any other reason they want my information, the only possible reason.
  
  Conclusion, VPN/Tor, here I came.
  [ link to this | view in chronology ]
- Anonymous Coward, 14 Oct 2015 @ 2:25pm
  
  Re:
  Ah; but with an MP telling people to do it... anyone questioned over the practice has a good reason for the activity. And there's nothing wrong with hiding from the government in this context.
  [ link to this | view in chronology ]
Anonymous Coward, 14 Oct 2015 @ 5:07am

Gee, it almost sounds like Brandis' office is dealing with a bit of information overload and doesn't know how to deal with it.

Don't you worry the NSA will be glad to lend a helping hand because they already have that data , been collecting it for years.
[ link to this | view in chronology ]
Anonymous Coward, 14 Oct 2015 @ 5:16am

Total control of the internet.
[ link to this | view in chronology ]
Mitchell Clarke, 14 Oct 2015 @ 5:58am

Savior
Sent Ludlam is right when is advising people to use VPNs to avoid the ISP's monitoring. Because of this many of the VPN providers have started various campaigns for e.g. PureVPN is giving away 75% off (http://bit.ly/1L5YtgR). I wouldn't say that it is a bad thing but before making a purchase do verify what you are buying. After all its your freedom that is at stake.
[ link to this | view in chronology ]
Anonymous Coward, 14 Oct 2015 @ 7:52am

News next week
Data retention law goes into effect in Germany.
They discuss(ed) it today and vote on Friday with a predetermined outcome of about 70-80% for and 20-30% against.
[ link to this | view in chronology ]
- Anonymous Coward, 14 Oct 2015 @ 4:46pm
  
  Re: News next week
  Only reason they made it today was because they phoned some folks after the voting was ruled unlawful
  [ link to this | view in chronology ]
- Anonymous Coward, 16 Oct 2015 @ 7:06am
  
  Re: News next week
  I was close. Final votes
  72.2% for
  26.4% against
  Democracy in action.
  [ link to this | view in chronology ]
Anonymous Anonymous Coward, 14 Oct 2015 @ 8:05am

International Association of Big Brothers
Why does it seem like the Parliament was completing their application for the above group, but in their zeal they neglected to consult with the functionaries that would have to perform the task. After all, there are two members in good standing that have significant and publicly acknowledged experience at such endeavors (USA and UK), and I am certain they would share information for such a good cause..
[ link to this | view in chronology ]
Anonymous Coward, 14 Oct 2015 @ 8:23am

Evidence against
"Meanwhile, this whole scheme -- of which there is no evidence that it will be even remotely useful"

But there is evidence that it isn't useful or at least not very useful.

Austria, 2013, pop ~8mio people (text in German)
http://www.parlament.gv.at/PAKT/VHG/XXV/AB/AB_01179/imfname_353625.pdf
Summary of the text

Times asked for data from the data retention: 354 (326 previous year)
Cases closed (in '13) that used the data: 227
Number of times the data was useless: 122 (~54%)
- Cases closed without using the data: 28
- Data was no longer available: 16
- # times the data didn't do what they wanted: 78
Number of times the data was useful: 105 (~46%)

Reasons for requesting the data:
113 theft
59 drugs
52 robbery /violent theft
43 stalking
38 fraud
16 intimidation
33 (of 34 total)successful complaints against acquiring the data

Reasons given why data retention is needed: terrorism and other serious crimes.
[ link to this | view in chronology ]
- Anonymous Coward, 14 Oct 2015 @ 9:01am
  
  Re: Evidence against
  While that is good support for it, I still would vote against it. Theft, drugs, robbery, etc are just symptoms of a problem in society. Fix those problems and then the crimes will drop considerable. But since the results aren't instant, governments will go back to catching those that are committing crimes and stomping over every along the way.
  [ link to this | view in chronology ]
  - Anonymous Coward, 14 Oct 2015 @ 4:35pm
    
    Re: Re: Evidence against
    What the hell are you talking about? Good support for it?
    8 million people are treated as criminals while only a hundred website visits over a year are questioned? That is as far away from supporting as you can get!
    [ link to this | view in chronology ]
Anonymous Coward, 14 Oct 2015 @ 11:55am

To me, that conversation looks like someone trying real hard not to accidently mention something that i suspect no sane person would want forced in THEIR lives.........not excluding the fucked up shit they DO mention.......without a lick of remorse.........a sense of entitlement......the age of the entitled government..........representation my ass
[ link to this | view in chronology ]
Anonymous Coward, 14 Oct 2015 @ 11:57am

it's the McGuffin of despotism. Anyone they don't like will find it used against them. Be they criminal or political enemies.
[ link to this | view in chronology ]
Anonymous Coward, 14 Oct 2015 @ 2:44pm

from what i read, Brandis was nothing other than a stooge for the entertainment industries! he did as much as he possibly could to screw the people, while implementing laws that gave the industries what they wanted. from what i understand, since the new guy, Turnbull took over, Brandis has been sacked. i'll bet the aussies are saying something like, 'it couldn't have happened to a more deserving guy'!
the really frightening thing is, how many others are there in similar positions to the one Brandis had, doing EXACTLY what the entertainment industries or another, perhaps the Pharma industries, want? the prospect is extremely worrying, i think and when 'Trade Deals' like TPP are more or less forcing countries to be part under threat of sanctions or similar, just to please certain sections like those above, the outlook appears very precarious to me!
[ link to this | view in chronology ]
- Kronomex, 14 Oct 2015 @ 5:54pm
  
  Re:
  Nope, Turnbull didn't get rid of George "Insert Corporate Brand Name Here" Brandis. The gormless idiot is still our Attorney General. Sigh.
  [ link to this | view in chronology ]
  - Anonymous Coward, 14 Oct 2015 @ 6:27pm
    
    Re: Re:
    To be fair Turnbull did remove the 'Minister of the Arts' portfolio from Brandis, thereby removing the one-stop shop for Rupert Murdoch to deal with. However as most of the stuff that Murdoch wanted done has now been implemented there is no problem with removing that ministry from him.
    
    As for the terrorism angle, the Australian government & its agencies have had more than enough power to access the comms tools that any potential terrorists might use for around a decade now.
    
    This is all about Foxtel, Australia's only pay TV presence, to go after file sharing in the wider community. By reducing the National Broadband Network to continuing to use the copper wires (owned by Telstra, the other owner of Foxtel, along with Murdoch's News Corp) at great expense to the government & rejecting the Fibre to the home plan of the previous Labor government Murdoch's business plans have come to fruition.
    [ link to this | view in chronology ]