Australian Government Using Data Retention Law To Seek Out Journalists' Sources, Hunt Down Whistleblowers

from the any-law-that-can-be-abused-will-be-abused dept

Thu, Sep 1st 2016 2:42pm — Tim Cushing

If there ever were decent protections for whistleblowers in Australia, they're gone now. Australia's Attorney General was pushing for harsher whistleblower punishments two years ago, while simultaneously claiming data retention laws -- and expanded permissions for intelligence agencies to pore through retained data -- were simply the way governments were doing business these days.

And what a business it is. The Australian government wants to punish whistleblowers but finds they're often difficult to track down. It's just so much easier to find those they leak documents to, like journalists, and work towards getting them to divulge their sources. The "best" part about the new data retention laws is that those seeking whistleblowers to punish won't have to confront journalists directly. In fact, they may never need to speak to them at all.

[Journalists'] union, the Media and Arts Alliance, has warned that they’re likely to become a test case for a little known provision snuck into the Government’s Data Retention laws, the Journalist Information Warrant Scheme. The new laws allow police and other investigative bodies to seek access to the phone records, emails and browser histories of journalists in order to track down sources they suspect of leaking confidential information.

Obviously, this raised concerns when the data retention law was first proposed. A band-aid was presented by legislators who threw in a few token "safeguards" to protect journalists' sources. But in practice, these safeguards aren't guarding anything. At best, they only give the appearance of adversarial proceedings before the government is given the greenlight to go digging through metadata.

Journalists and their employers are not allowed to challenge these warrants to the issuing body or even in court. They’re not even told whether one has been granted. Instead, the legislation requires the Prime Minister to appoint two ‘Public Interest Advocates’ who can choose to make the case against issuing a warrant. However, these advocates aren’t actually required to show support for the journalist, or media organisation, or even show up to deliver their case. Warrants can be issued without an advocate’s attendance or submission, and last up to six months. The scope of the warrant extends to all the journalist’s metadata captured over the previous two years.

The article notes that 21 Australian agencies can access journalists' data through this process -- data that must be retained by ISPs to better serve the "fighting terrorism" call. If it's used to sniff out whistleblowers or, I don't know, copyright infringers, then that's presumably considered a feature, rather than a bug.

The new law acts as a double-edged weapon against government accountability. It allows the government to seek out and punish those that expose wrongdoing and the chilling effect it creates means fewer journalists will be willing to publish documents showing evidence of government misconduct.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: australia, data retention, privacy, whistleblowers

27 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Anonymous Coward, 1 Sep 2016 @ 3:02pm

"The new law acts as a double-edged weapon against government accountability. It allows the government to seek out and punish those that expose wrongdoing and the chilling effect it creates means fewer journalists will be willing to publish documents showing evidence of government misconduct."

Working as intended.
[ link to this | view in chronology ]
David (profile), 1 Sep 2016 @ 3:22pm

Welcome to Australia.
It only looks nice down under. Fun in the sun, shrimp on the barbee and crocs will still eat you and your kids.

Come join the fun, please email first.
[ link to this | view in chronology ]
btr1701 (profile), 1 Sep 2016 @ 3:26pm

Metadata
> The new laws allow police and other investigative bodies
> to seek access to the phone records, emails and browser
> histories of journalists in order to track down sources

> At best, they only give the appearance of adversarial
> proceedings before the government is given the greenlight
. to go digging through metadata.

If they're allowed to access a journalist's emails, they're digging through a lot more than metadata.
[ link to this | view in chronology ]
- That One Guy (profile), 1 Sep 2016 @ 3:28pm
  
  Re: Metadata
  Even if they were just limited to just metadata that would be bad enough, as evidenced by the fact that despite claiming that 'metadata is harmless' they want it so badly, and guard their own so fervently.
  [ link to this | view in chronology ]
  - Anonymous Coward, 1 Sep 2016 @ 4:11pm
    
    Re: Re: Metadata
    Metadata can include literally everything that is knowable about communications. All text in the body of the email can be included in a text metadata field and suddenly the claim to only have metadata while true, is meaningless.
    [ link to this | view in chronology ]
That One Guy (profile), 1 Sep 2016 @ 3:26pm

"Because screw yo- I mean national securi- you know what, I was right the first time."
Journalists and their employers are not allowed to challenge these warrants to the issuing body or even in court

...

However, these advocates aren’t actually required to show support for the journalist, or media organisation, or even show up to deliver their case.

Because nothing says 'No really, this is absolutely an adversarial court' like having the people assigned to 'represent' you not have to actually show up at all or care one bit about you.

Yeah, pretty sure the 'Public interest advocates' weren't put in place to assuage worries, instead I'm guessing that bit of the text was added solely to act as a giant one-finger salute to the ones expressing those worries, by people who were laughing the entire time they wrote it.

"No really, they're there to represent you. I mean we won't force them to show up, or actually represent you, but they're totally there to keep us in check and make sure we don't go overboard."
[ link to this | view in chronology ]
Rocky, 1 Sep 2016 @ 4:01pm

Sneakernet
Seems the journalists needs to start using sneakernets. Good luck mining the ISP data then.

The thing is, if you are a journalist ANYWHERE in the world, you don't put unpublished sensitive stuff on the internet (ie. mail/cloud storage etc) that might inconvenience the government or some moron politician. If they do the data is more or less already compromised.
[ link to this | view in chronology ]
- Anonymous Coward, 2 Sep 2016 @ 1:16am
  
  Re: Sneakernet
  The journalists are going to have to do what the Russians did, and that is break out the typewriters and filing cabinets. Then not only will governments need a warrant to search them, they will need a lot of people to read all the paper contained therein.
  [ link to this | view in chronology ]
Anonymous Coward, 1 Sep 2016 @ 4:05pm

It's all about a weak, useless and paranoid government scared that more and more of their dirty dealings will get out. Journalists are the visible tip of the wedge. Anyone with any sense knows that all of us in Australia (except for the privileged and even they should be worried) are the true targets.
[ link to this | view in chronology ]
No Name, 1 Sep 2016 @ 4:06pm

Is it really so hard to use darknet?
Routed through a VPN? I mean, it takes like 2 minutes to set up.

Tor, I2P, Freenet are all pretty secure (provided you use NoScript or other alternative that disables Javascript and other vulnerable protocols)

Any journalist worth his or salt should be familiar with the tech, and be using it for sources on a daily basis. If you conduct that shit through clearnet email, you have only yourself to blame when the gov't does what it's gonna do - protect itself.
[ link to this | view in chronology ]
- Anonymous Coward, 1 Sep 2016 @ 4:19pm
  
  Re: Is it really so hard to use darknet?
  Hard to use? No.
  
  Hard to use in a meaningful and effective way when you're up against a nation-state? Absolutely.
  [ link to this | view in chronology ]
  - No Name, 1 Sep 2016 @ 5:30pm
    
    Re: Re: Is it really so hard to use darknet?
    Maybe if the entire nation state is after you, directing 100% of its resources towards finding your source, sure. But this is a general fishing expedition. They're tracking your browsing history via the ISP and subpoenaing GMail contents.
    
    Using disposable one time darknet emails devoid of personal details routed through a VPN with no AU servers is not hard to do. But very hard to crack, almost impossible if proper security protocols, which are in themselves not hard to maintain, are followed.
    
    Setting up a freenet server for a day isn't hard, either, and removing it as soon as the documents are received. They're not going after Js for posting the info, only the sources. Ensuring their anon is doable. It requires a little forethought and basic grasp of technology.
    [ link to this | view in chronology ]
    - Anonymous Coward, 2 Sep 2016 @ 1:19am
      
      Re: Re: Re: Is it really so hard to use darknet?
      All your suggestions work well, once the people who want to talk to each other have gotten themselves organized, and are useless for someone who wants to make the initial contact with a journalist, and needs to give them enough so that they bite..
      [ link to this | view in chronology ]
- waqqa, 5 Sep 2016 @ 7:39pm
  
  Re: Is it really so hard to use darknet?
  Tor is not secure, google it!
  [ link to this | view in chronology ]
Anonymous Coward, 1 Sep 2016 @ 4:46pm

Sounds like an totalitarian regime
[ link to this | view in chronology ]
Anonymous Coward, 1 Sep 2016 @ 6:16pm

As it has benn said before and will be said again
Senator George Brandis believes wholeheartedly in the "Rule of Law" as long as it is himself making the laws. Because he has made it to one of the pinnacles of lawyerhood in Australia - he is a SC and he is now a politician - he believes he knows the TRUTH better than anyone else.

One of the special attributes of those who reach this position is that they have to be capable of turning on everyone who is NOT paying them. So he treats every ordinary citizens, business and service suppliers, etc. as those to be used for his good pleasure. It is well understood here, that you NEVER do any business with these people as it will ALWAYS cost you greatly in the end.
[ link to this | view in chronology ]
Disturbed (profile), 1 Sep 2016 @ 7:56pm

Slippery slope
Sigh, why am I not surprised. It's always for "the terrorists" at first, the invisible boogeyman that's apparently everywhere... Then it's for the pedophiles, then for journalists.

Next thing you know they're giving you a rectal scan whenever you buy an ice cream, give them an inch they'll take a mile. Seriously though we need to encrypt EVERYTHING, I don't care if it's a toaster, it should be encrypted.
[ link to this | view in chronology ]
- Joe, 1 Sep 2016 @ 8:41pm
  
  Re: Slippery slope
  Encryption isn't the weakness in whistleblowing. It's that coincidence of sending 10GB of packets to a server run by a newspaper, a week or month before a story breaks. It's possible to run a shared hidden service on I2P that lets you do P2P. Something like the Postman for journalists needs to exist. Oh wait... ;)
  [ link to this | view in chronology ]
Gina Dajani, 2 Sep 2016 @ 1:13am

What's Next?
I don't get it! Whenever I see laws like this, I simply laugh hysterically, because in past these laws and these tactics have all gone in vain. One way or another people will use privacy tools(http://goo.gl/pYPtGv) to counter such issues. They simply can't fight people, because people have now evolved.
[ link to this | view in chronology ]
- Padpaw (profile), 2 Sep 2016 @ 5:36am
  
  Re: What's Next?
  I believe the ultimate goal behind those who do this sort of stuff is to set up a dictatorship with the newly minted prime minister for life or king if you prefer ruling over everyone else who just got turned in slaves and serfs for their pleasure.
  [ link to this | view in chronology ]
Anonymous Coward, 2 Sep 2016 @ 2:13am

They're going after more than *just* journalists. AFP raided the federal parliament a few days ago to seize official opposition political party emails. The chief of staff for the current attorney general, the main architect of the modern Australian police state, is an ex head of ASIO. Most of the ruling party politicians make tea-partiers look like Icelandic moderates. Australia is a hairs breadth from full-blown authoritarianism.

https://www.theguardian.com/technology/2016/aug/24/police-to-raid-parliament-house- department-over-nbn-leak-says-stephen-conroy
[ link to this | view in chronology ]
- Ninja (profile), 2 Sep 2016 @ 4:19am
  
  Re:
  Anybody who has been paying minimum attention to news from Australia these days can see it coming. I wish luck to our Aussie friends. Though we have our hands full with a white coup d'etat here.
  [ link to this | view in chronology ]
Ninja (profile), 2 Sep 2016 @ 4:17am

Either use powerful encryption or go full anonymous and simply release the documents without filtering or redacting info that could be dangerous to the country, consequences be damned. They want war on whistleblowers? Go nuclear. Simple as that.

Official channels my ass. Snowden was right all along even if he isn't Australian.
[ link to this | view in chronology ]
Anonymous Coward, 2 Sep 2016 @ 5:09am

What are they afraid of?
If you have done nothing wrong, you have nothing to hide .. amirite?

Funny in a sad sort of way, they simply do not see their own hypocrisy.
[ link to this | view in chronology ]
Padpaw (profile), 2 Sep 2016 @ 5:33am

someone desires to be king and nor PM
[ link to this | view in chronology ]
- Anonymous Coward, 2 Sep 2016 @ 7:26pm
  
  Re:
  Senator Brandis ain't got a hope of being PM let alone King. Bill Shorten may aspire to being PM, but there are too many on his side of politics that would assassinate him if he headed that way.
  [ link to this | view in chronology ]
Anonymous Coward, 28 Oct 2016 @ 12:52am

Yeah, the post did help me in clearing up few underlying facts about the data retention law. There is only a certain set of data that is required to be stored by telecom companies and ISP. However, there are still few areas I am concerned about.
Australian government says it does not promote companies to record user’s web history but as far as I see it, any Australian based ISP is required to log their users IP address, internet sessions and the websites they visit. There is a big gap in providing clarity for which data can be stored and which should not. Although the post says encryption tools such as VPNs won’t be of any use; I am afraid they will be. Especially if these VPN services are not based in Australia, they can certainly protect your internet activity from being recorded (as explained here: https://www.purevpn.com/australia-vpn-service.php).
Even if the government does not record my phone calls or the conversations that take place, they still are monitoring me, aren't they. My phone number, call duration, and the person with whom I talk are still recorded, which leaves me very vulnerable. Same is the case with internet activity. One thing I would disagree with is that in the post, the author said that the data retention regime is implemented to stop child pornography. I think that is one of the reasons but terrorism is definitely amongst them as well.
The Australian Governments website (https://www.ag.gov.au/dataretention) states that "Metadata is used in almost every serious criminal or national security investigation, including murder, counter-terrorism, counter-espionage, sexual assault and kidnapping cases." This shows that the government has implemented this law to identity anyone that they thing is involved in suspicious activities. Also, if you remember about the information that was leaked by Edward Snowden about Five Eye nations showed that Australian intelligence agencies have working for a long time in the background collecting user information. The only difference now is that things have become official with the data retention law.
[ link to this | view in chronology ]