Ever since the US terrorist attacks of September 2001, crime and investigative agencies have been demanding more and more powers to reach into our private and digital lives. This month’s incursion is mandatory metadata retention, a system better known under its traditional title of ‘Big Brother’, or universal government surveillance.
The Federal Government, aided and abetted by Labor, has just last week driven these laws through Parliament’s lower house. If they pass the Senate (which could be this week) they will require telecommunications companies to capture and store everyone’s metadata for two years: who you called and emailed, who contacted you, when, how long, and where you both were.
Well, that’s what they want for now – that category can be changed by regulation whenever the government chooses. Whilst the content of emails isn’t currently included, the metadata they plan to collect is personal to you, and in no way anonymised.
There's no convincing explanation for the need for the laws, let alone the urgency. But in some ways, it’s shone a light on what is already occurring, quietly unregulated and unsupervised, between police and telcos.
Some metadata (though significantly less than the new law will require) is stored for telcos’ own purposes, like billing, and it’s freely obtained by police without a warrant: there are 500,000 metadata disclosures per year.
Rather than plug this gap in our protections, the Abbott government and their Labor Party friends are looking to exploit and broaden it.
So what’s the problem? First, Australians are a trusting lot, and perhaps the Facebook generation doesn’t value its privacy much yet. But we haven't seen the full gamut of data misuse and abuse yet either. We do know that both governments and telcos are vulnerable to hacking, and leak personal data with alarming regularity. Plus, the more data they've hoarded, the more valuable a target it becomes.
No-one in a liberal democracy should be subject to this creeping intrusion, and when authorities say, ‘Those who have nothing to hide have nothing to fear,’ it’s a sign we're on the slippery slope to a police state. It's indiscriminate, dragnet policing of ordinary people.
Once the data is accumulated, it’s not just available for police and hackers – it’s available to be subpoenaed by angry former partners in family law proceedings, anti-piracy copyright enforcers, or insurance companies trying to disprove claims.
Consider the situation of those with something to hide who aren't terrorists or gang members. Consider the communications between doctors and patients, counsellors and abuse survivors, lawyers and clients, and commercially sensitive business-to-business dealings. Add to this anyone in witness protection schemes, people seeking refuge from a violent past, or even bankers and traders in the finance industry who we know are already being targeted in cyber espionage from foreign spies.
Who will this system catch? Almost certainly not people planning major terror events. Malcolm Turnbull has already said that savvy operators can anonymise and encrypt their communications so metadata can't be captured. Anyone with sinister motivations will likely avoid the domestic data retention regime entirely by retreating to the ‘dark web’, and use routers like Tor to hide their identity.
If it's that easy, you have to wonder if it’s worth it.
To add insult to injury, compulsory data retention is estimated to cost $400 million in its first year, which we will all pay through higher phone and data bills – or tax.
If the Coalition’s and ALP’s deal becomes law there is only one group whose metadata crime agencies will require a warrant to access: journalists.
Bound by a code of ethics to protect their sources, journalists are rightly concerned this law quickly becomes an anti investigative journalism, anti whistle-blower weapon. Of course even this protection is limited, because when Attorney General Brandis and the ALP talk of protecting ‘journalists’ they don’t mean citizen journalists or bloggers, only those directly employed by entities like Newscorp.
Even if journalists’ sources can’t be identified without a warrant, this so-called protection is paper-thin. It's not hard to imagine authorities pursuing the media – because it’s not hypothetical.
A recent Parliamentary inquiry into the NSW police bugging scandal found that TV reporter Steve Barrett was targeted by crime agencies with dozens of improperly obtained covert surveillance warrants between 1999 and 2000.
The inquiry uncovered a series of warrants being rubber-stamped by the Supreme Court. In one case, there was zero supporting evidence for 46 of the 114 targets on a single covert surveillance warrant. A former judge admitted that there is no way to properly check that the warrants were in order. He resorted to checking for obvious errors like inclusion of the names “M. Mouse” or “D. Duck” before he signed off. He also couldn't remember refusing a single one.
Journalists will be like dolphins caught in a dragnet, and collecting metadata puts their independence at risk.
Where you go, who you speak with, who you write to, can reveal significant details of your life. The fact is that once this data is collected and retained then no government and no corporation can seriously protect it. The Greens say the answer to this dilemma is straight forward, if you can’t protect it then don’t collect it.
In the meantime, since neither the Government nor the Opposition are interested in protecting your privacy, the Greens are following Malcolm Turnbull’s advice and hosting our own Crypto Parties to teach you how to encrypt our own data.
Our experts can give you some straightforward steps to protect the details of your electronic life from the coming Government cyber-snoops.
Just remember that, until you're encrypted, spread the word by crayon and chalk because it’s none of Mr Brandis’ business.
* David Shoebridge is a Greens MP in the NSW Parliament and spokesperson for Justice.