X
Tech

Turnbull's mutual respect campaign to kick off with taking away privacy

Try as they might to secure the new honeypots of personal data being created, there will be breaches, and your data will appear online eventually.
Written by Chris Duckett, Contributor

This week, Australians will begin to have their telecommunications data retained for warrantless access by police, intelligence organisations, regulation bodies, and anyone else that the Australian attorney-general decides is worthy of access, and that could include private companies.

It's a tragic state of affairs that arrived through a prism of fear. From this point on, Australians will have to live under the assumption that any unencrypted telecommunications are monitored thanks to a combination of a government obsessed with national security and wanting to look as though it was doing something, and a gutless Labor party that could not bring itself to form an opinion of its own lest it be wedged from the far right.

For the lack of political posturing, Australia is now creating a sliding two-year honeypot of information for online hacking organisations and foreign governments to try to get their hands on. It's a honeypot that the Australian Security Intelligence Organisation (ASIO) regards as upwards of 95 percent useless.

Data retention is to come into force in Australia when its newly minted prime minister has decided that the concept of mutual respect needs to be injected into the national conversation.

"We are the most successful multicultural society in the world," Turnbull said on Friday. "We been able to be so successful because of a fundamental Australian value of mutual respect.

"It's the glue that binds this very diverse country together ... do unto others as you would have them do unto you."

Turnbull said that if someone wants to be respected, then they need to show respect.

"That is a fundamental part of the Australian project," he said.

But the prime minister was not addressing the concerns of citizens living in a nation where the authorities are able to rummage through phone call records, email headers, location information, assigned IP addresses, and more so-called metadata any time they like -- he was directing his respect efforts towards fighting terrorism and violent extremism, the issues the government fed off to pass its "tranches" of anti-terrorism legislation that data retention was bundled into.

If the populace needed to be reminded that respect needs to be extended to everyone, then it should not be too hard an ask to expect the same from politicians.

Whereas it was questionable whether Turnbull's predecessor understood the full impacts of data retention -- Abbott having once famously replied, "I don't claim to be any kind of tech-head" when asked for details on his party's National Broadband Network (NBN) proposal, which was announced that very day -- Turnbull not only knows exactly what will happen, he has also previously admitted that VPNs will circumvent the data-retention measures.

"You've all got VPNs [virtual private networks] anyway, so all of you appear to be somewhere in Iowa when you go online, I know that," Turnbull said at the GovHack awards in August last year.

Not only does Turnbull know the theory, but in practice, he is a well-known user of Wikr.

"I use a variety of forms of messaging; I am very careful about security," Turnbull said on Friday when addressing concerns that he was running a private email service to conduct government business.

"I can tell you that text messaging, which is widely used, is the least secure form of communication: It's unencrypted in transit and it is unencrypted at rest."

Starting at midnight this Tuesday, though, under Turnbull's watch, the great collection of Australian telecommunications data will begin: Large databases will start to fill up, and in the coming weeks, months, and years, those databases will be compromised.

When the company responsible for holding the data realises its data has been exfiltrated, it will need to provide notification of the breach, but practically, it will be less useful than elsewhere in the economy.

For instance, if a retailer is breached in a manner similar to how Kmart and David Jones were attacked recently, then consumers are able to make a judgement on their privacy practices and use a different retailer in the future if they are unsatisfied with their practices.

Under data retention, though, if a telco is breached, its customers do not have the option to move to a telco that retains less data or even no data. The only option available is to move to a company that has a better image of protecting its data. The question that needs weighing up is whether an alternative telco actually does a better job of implementing its security strategies, or whether it has simply not found the persistent threat in its network yet.

On a long enough timeline, the chances of security breach hit 100 percent, and consumers will effectively be playing Russian roulette with their data.

Thanks to data retention, for Australians, that timeline has now been significantly shortened for those whose personal details are used for billing purposes by telcos across the nation.

Yet, for the sake of presumably catching out the few criminal masterminds or terrorists who use unencrypted communications, the entire population of Australia needs to be tracked and bear the consequences.

It's an idea that flies in the face of the mutual respect arguments the prime minster was making last week.

"That's why those people who decide that the response to the extremism of a very small minority is to vilify all Muslims are absolutely acting in a thoroughly counter-productive way," Turnbull said.

"That is the most counter-productive thing you can do."

Data retention is certainly a counter-productive and costly exercise, one with the potential to send some smaller ISPs broke just to comply with the demands the government is putting on them.

With the great Australian telco consolidation of 2015 continuing, the last thing the sector needs is providers going to the wall under regulatory burden -- an idea that is meant to be heretical within the Australian Liberal party.

It's naive to expect that in the face of evidence, and soon-to-be-expected experience, or courts in other nations finding data retention to be a breach of human rights, that the Australian political class will suddenly decide to retract the measures.

It was introduced by the two dominant parties of Australian politics, and it would need to be rescinded by both to ensure that the other did not embark on a campaign of saying the other was "soft on terror".

Do not expect the planets to align on that matter any time soon.

However, contained within Turnbull's comments on Friday was perhaps the best accidental call to arms to fight for privacy that a politician has said in some time.

"Let me just say to you that the most important thing is that when people speak the language or promote values which are antithetical to Australia's best interests, it's important for those who hold Australia's best interests dear to call them out, and take them on, and to win the argument."

Hear, hear.

Editorial standards