Australia Begins Mass Data Retention

Uploaded on 2015-10-18 in NEWS-News Analysis, INTELLIGENCE--International, GOVERNMENT-Law Enforcement, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

 

Large amounts of telecommunications metadata must now be kept for, at least, two years by Australian telecommunications companies after a new law that came into effect recently.

It includes data on who called or texted whom and for how long, as well as location, volume of data exchanged, device information and email IP data. Some data was already being retained but the new rules expand on this. It also makes it much easier for authorities to access the records.

The new law has caused heated debate among Australians with some justifying the expanded data retention and others pointing out flaws in the plan.

The bill was introduced to the Australian parliament when current prime minister, Malcolm Turnbull, was communications minister. He called it "critical" for security agencies and law enforcement, citing investigations into domestic terrorism.

"No responsible government can sit by while those who protect us lose access to vital information, particularly in the current high threat environment," he said at the time, in a joint statement with Attorney-General George Brandis.
 
The government has stressed that the data retained is only "metadata" and does not include the content of calls and messages themselves. The law also does not require firms hold on to a web users' browsing history. The authorities also point out that some of this data was already being retained by telecommunications companies, albeit on an ad hoc basis.

Third-party email, video, and social media platforms such as Gmail, Hotmail, Facebook and Skype are also exempt from some of the data retention requirements, as are internal email and telephone networks, such as those provided by corporate firms and universities.
 

_86087254_7f9c2a99-60a2-43c0-8d83-f99968c9fa65.jpg

NSA leaker Edward Snowden weighed in on the new rules

Opponents point out that, considered in entirety, such metadata paints a detailed picture of what people are doing, even if the content of messages is not included. They also point out that while terrorism and child abuse investigations are often cited, the new rules allow for data to be requested for much more minor crimes. The process of request has also become much easier. Typically it will not now require a warrant. It will still take a warrant to access a journalist's data to identify their sources, but that hearing will take place in private. And no warrant is needed for government agencies to search the data of its own ranks if that is where they suspect the source lies. 

There are fears too that having introduced the legislation, it will be tightened further in future. The multi-million dollar scheme has also come under fire for its cost, which will be partially borne by the government.

Australian Green Party Senator Scott Ludlam tweeted that it was "absurdly expensive and complex for ISPs to implement, trivially easy for anyone to defeat" - a reference to the prime minister's admission that he also uses encrypted messaging apps.

The Green Party voted against the bill, along with six independent senators, but was overwhelmingly defeated.

The security of the servers used to hold the data has also been a question, with mass data breaches becoming increasingly common around the world.

There have also been reports that some companies are unsure whether they are covered by the new laws and exactly what data they need to keep.

BBC:http://http://bbc.in/1QmW9pt

 

 

« Second Snowden Has Leaked Drone Docs
Cyberattack: Millions Stolen From UK Bank Accounts »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

SafeUM Communications

SafeUM Communications

SafeUM Secure Messenger is an encrypted secure communications protection mechanism for instant messaging.

Redscan Cyber Security

Redscan Cyber Security

Redscan Cyber Security is a Managed Security Services Provider (MSSP) that enables businesses to effectively manage their information security risks.

OASIS Open

OASIS Open

OASIS Open is where individuals, organizations, and governments come together to solve some of the world’s biggest technical challenges through the development of open code and open standards.

First Response

First Response

First Response is a Cyber Incident Response and Digital Forensic Investigation company.

Cyber Execs

Cyber Execs

Cyber Execs is a Cyber Security Consultancy & Executive Recruitment firm.

TruSTAR Technology

TruSTAR Technology

TruSTAR is a threat intelligence exchange platform built to protect and incentivize information sharing.

Chainalysis

Chainalysis

Chainalysis provides blockchain analysis software to prevent, detect and investigate cryptocurrency money laundering, fraud and compliance violations.

Nucleon

Nucleon

Nucleon enables cybersecurity tools, organizations and software developers to become proactive by blocking threats before they become breaches.

Corelight

Corelight

Corelight is the most powerful network visibility solution for information security professionals.

TrustMAPP

TrustMAPP

TrustMAPP automates cybersecurity & privacy assessments, with universal workflow, allowing teams to generate analytics and recommendations to align priorities for improvement.

Nardello & Co

Nardello & Co

Nardello & Co. is a global investigations firm with experienced professionals handling a broad range of issues including Digital Investigations & Cybersecurity.

AdaCore

AdaCore

AdaCore is focused on helping developers build safe, secure and reliable software.

Nuts Technologies

Nuts Technologies

Nuts Technologies are simplifying data privacy and encryption with our innovative and novel data containers we call nuts based on our Zero Trust Data framework.

Cyberguardians

Cyberguardians

Cyberguardians is a team of experienced cybersecurity experts and consultants who always believe in the value and a high level of cybersecurity services to clients.

Cybercentry

Cybercentry

Cybercentry is a specialist information security, data protection and cyber security consultancy.

Cyber Industrial Networks

Cyber Industrial Networks

Cyber Industrial Networks objective is to service the needs of industry in achieving reliable, robust and secure infrastructure that supports productivity.