The timing of Attorney-General George Brandis’ decision to drop plans to allow metadata to be accessed during civil lawsuits on issues like piracy has more to do with the politics than seeing the light.
Late on Thursday, just before many people kicked off for a long Easter weekend, Brandis quietly announced that the government had dropped plans to allow all the data that telecommunications companies are retaining — purely as part of the mandatory data retention regime — to be accessible under civil lawsuits.
This would have meant that the data would have been available to film companies chasing alleged pirates, or companies chasing the sources of journalists writing stories about their corrupt behaviour.
The government floated the idea late last year just before Christmas, and despite the timing, submissions made to the inquiry from telecommunications companies, media companies, and the public in general were largely opposed to the proposed change, raising the question as to why the government had even considered it in the first place.
Then last Thursday, the government went cold on the proposal. The review conducted by the Attorney-General’s Department found that the case had not been made for access to data. In particular, most individuals sending in submissions were opposed:
“Of the 217 individuals who made submissions, four expressed support for allowing civil litigants access to the data. Almost all other individuals were strongly against making exceptions, largely because of concerns about privacy. A range of submissions expressed concerns that providing access to retained data for civil proceedings would be an expansion upon the stated national security and law enforcement objectives of the data retention scheme, including in relation to cases involving copyright infringement.”
Why the change in heart? Was it simply that those who wanted it in the first place didn’t make their voices heard, or was there more politics involved?
It was curious, then, that this announcement was followed this week by the release of the latest Australian Cyber Security Centre (ACSC) survey on cybersecurity, announced by Brandis as “AUSTRALIAN CRITICAL INFRASTRUCTURE ORGANISATIONS TARGETED BY CYBERCRIMINALS UP TO HUNDREDS OF TIMES EACH DAY” (we apologise — Brandis thought it needed to be shouted in all caps), even though the report itself doesn’t specifically mention critical infrastructure in this context (it has two mentions related to the role of ACSC and CERT Australia).
The decision to drop the civil suits, and the phrasing of the release about the survey to be all about critical infrastructure seems to be more to do with getting on the good side of telecommunications companies about legislation currently before the Senate, which will give the government power to direct companies what tech they can and can’t put in their networks — what is referred to in the sector as the No Huawei (a Chinese tech company) legislation.
Brandis is setting up the case for justifying these new intrusive powers as a means to protect from foreign spies, while also seeking to allay concerns with the average consumer about how their data is being used. The legislation is a big change for the telecommunications companies, but ultimately won’t have a major impact on customers — aside from potentially higher prices because the companies are forced to buy tech the government wants rather than the cheapest one on offer.
It also comes the week after telecommunications companies were required to have their mandatory data retention systems in place, and in a Twitter chat yesterday using the hashtag #LetsTalkCyber, the prime minister’s adviser on cybersecurity matters Alastair MacGibbon was asked about whether mandatory data retention created a bigger cybersecurity risk for these companies retaining the data. MacGibbon said data retention “solves serious crimes” and he didn’t buy that it made the companies more at risk, because they already hold a lot of data.
The chat seemed to be more about allowing security vendors to ask Dorothy Dixers than real engagement, in any case. Including questions that seemingly made no sense, as though they were cut and pasted from emails about proposed questions to ask during the chat.
Monkeying around with legislation? How very Curious George?
Have I missed the part where the government outlines the strengthened independent oversight of any agencies able to access our online data? The increased privacy protections for citizens, commensurate with the increased potential intrusiveness? The new safeguards to ensure that any mission-creep is nipped in the bud?
Speaking of creep, any chance of some anti-authoritarian measures to punish dishonest, megalomaniac, or corrupt Attorneys-General?
I must have missed these announcements, because otherwise it would mean that we’re blithely giving these secret squirrel muppets the tools of a fascist state.
Bookshelves Brandis & Turnable’s metadata legislation was the largest expansion in to citizen privacy since…. can anyone name anything larger? Everyone’s email, txt, phone call, download, social media activity is now stored. Govt departments can get around superficial limitations to access it by requesting data via the federal police – and/or ATO?
There was 2/5th’s of bugger-all debate about the metadata legislation. Even media companies, who froth and blather about other self interested issues affecting press freedom etc, rolled their media circus on to the next news item at the time.
And the OZ public? No massive interest in their own privacy.
When Germany considered a similar metadata style law, their Attorney General equivalent stated they were not interested in treating all their citizens as suspects. Not a concern for Bookshelves Brandis and Malcayman Turnable.