The Australian Security Intelligence Organization (ASIO) is pushing for laws that would make telecommunications companies retain their customers’ web-browsing data, as well as forcing web users to decrypt encrypted messages.
In these post-Snowden times, when people around the world are
furious over revelations that their communications’ ‘metadata’
has been scooped up by a vast, US-built surveillance network,
Australia’s ASIO is looking to further bolster its phishing
powers, as opposed to scaling them back as many people clearly
favor.
With no loss of irony, the agency is pointing to the sensational
case of Edward Snowden - the former NSA
contractor-turned-whistleblower who last year departed from US
shores with thousands of files on the American spy program - to
expedite the process of creating a data-retention regime that
would store users’ data for two years, or possibly longer.
"These changes are becoming far more significant in the
security environment following the leaks of former NSA contractor
Edward Snowden," ASIO said in its parliamentary submission
to modify the Telecommunications Interception and Access Act.
Although retaining ‘content’ data has been declared off-limits to
the surveillance program, several security agencies, including
the Northern Territory Police and Victoria Police, want
web-browsing histories stored.
Metadata gathered on web-browsing would include an IP address and
the IP addresses of web servers visited, or uniform resource
locators (URLs) and the time at which they were visited. Email
metadata, meanwhile, might include information such as addresses,
times and the subject field.
Australia’s intelligence agencies accessed metadata 330,640 times
during criminal and financial investigations in 2012-13,
according to The Sydney Morning Herald.
Northern Territory Police said in its submission that meta-data
found in browser histories were "as important to capture as
telephone records".
Additionally, the agency is calling for enhanced powers to sift
intelligence data from emails and social media sites, as well as
forcing web users to decrypt encrypted material if requested to
do so by the spy agency.
“Under this approach, the person receiving a notice would be
required to provide ‘information or assistance’ to place
information obtained under the warrant into an intelligible
form,” the submission said.
“The person would not be required to hand over copies of the
communication in an intelligible form, and a notice would not
compel a person to do something which they are not reasonably
capable of doing. Failure to comply with a notice would
constitute a criminal offense, consistent with the Crimes
Act.”
ASIO points to the Snowden leaks, and the increased popularity of
encryption technology on the internet, as a reason for resisting
changes.
"In direct response to these leaks, the technology industry
is driving the development of new internet standards with the
goal of having all web activity encrypted, which will make the
challenges of traditional telecommunications interception for
necessary national security purposes far more complex."
However, a number of organizations, including the Australian
Mobile Telecommunications Association, the communications lobby
group, warned against widening surveillance capabilities and what
it means for privacy rights.
“The associations also note that a data retention scheme will
involve an increased risk to the privacy of Australians and
provide an incentive to hackers and criminals. Data retention is
at odds with the prevailing policy to maximize and protect
privacy and minimize the data held by organizations,” the
submission said.
“Industry believes it is generally preferable for consumers
that telecommunications service providers retain the least amount
of data necessary to provision, maintain and bill for
services.”
ASIO is not only fighting back against any restrictions on its
work, it is actually calling for more spying powers.
For example, when the Australian Law Reform Commission argued for
the creation of a “public interest monitor” to assert
some guidelines on intelligence gathering, ASIO said it “has
reservations about this, if the effect would be simply to insert
yet another approval step into the authorization of a TI
warrant.”
Meanwhile, the Australian Federal Police said it wanted to store
data "to ensure a national and systematic approach is taken
to safeguarding the ongoing availability of telecommunications
data for legitimate, investigative purposes." At the same
time, however, it admitted work needed to be done to understand
what type of data got retained and for how long.
Electronic Frontiers Australia, the online rights group, is
lobbying against the amendments, arguing that storing web
meta-data was "an ineffective method to curb terrorism."
"The ease with which data retention regimes can be evaded is
grossly disproportionate to the cost and security concerns of the
data retention regime," it said.
Meanwhile, the Coalition government's Attorney-General George
Brandis said on Monday that the government was "not currently
considering any proposal relating to data retention" despite
the push from the country’s intelligence agencies.
Shadow Attorney-General Mark Dreyfus said Labor was waiting for
the Coalition's response to an inquiry that had opened in June of
last year before it announces its position.
"There was insufficient time while Labor was in office to
formulate a considered response to the matters discussed in the
Committee's report, including the merits of a data retention
scheme," Dreyfus said, as quoted by the paper.