A laugh rolls through the crowd gathered at Deakin Edge for the Melbourne Writers Festival session Live Hack: Understand Metadata.
Professor Gillian Triggs, former president of the Australian Human Rights Commission, looks back at the screen displaying intimate details of how she spent a random day at work, all of which have been logged under the government’s metadata retention policy, to see what’s so funny.
Email – 12:01 – Seniors Card Application
It’s a moment of slight embarrassment for Triggs, and one of brevity on a night that is sure to reveal some terrifying truths.
That brevity vanishes the moment ex-Greens senator Scott Ludlam takes the microphone and points out that we don’t know what the email was about. After all, metadata is only a descriptor for data, not the data itself. Perhaps Triggs was applying for someone else. Perhaps she was conducting research. We don’t know. All we have to go on are our assumptions.
And those assumptions, which Ludlum’s comment has left the entire audience questioning, aren’t too dissimilar from the assumptions used to justify drone attacks on human beings all around the world in the name of safety and security.
As of April 2017, ISPs within Australia have been lawfully obligated to track and store this information on every one of their customers. As to be expected, opting out is all but impossible, due to the nature of digital communication. Unless both sender and receiver opt out, the metadata will still be retained.
“So what?” the common response from Australian citizens begins. “I’ve got nothing to hide, so I have nothing to fear.”
Ask those who make this argument to hand over their phone, and grant you permission to post whatever information you find on it across social media, and you’ll realise how quickly it unravels. Because the issue doesn’t revolve around hiding potentially incriminating information. Those who are in the wrong already know how to cover their tracks. It revolves around our ability to protect our privacy, and decide how much of our personal lives to reveal to the world.
When I say the world, I mean it literally. As a member of the Five Eyes Alliance, Australia’s metadata is shared with Canada, New Zealand, the UK, and the US.
To what ends? Even Ludlum, who was a member of parliament when the bill passed, and perhaps the only politician whose understanding of digital privacy should be respected, doesn’t know. The only thing he is certain of is that ISPs, and the organisations that have access to the data, have no obligation to ever destroy irrelevant information. That means that whatever exists, exists in perpetuity on unregulated servers to which members of these organisations have unlimited access. That makes it significantly easier for those who wish to abuse the system to do so.
It took less than a week after the laws came into effect that the first case of abuse came to light. Following a leak within its ranks, members of the Australian Police Force acquired metadata on Guardian reporter Paul Farrell in an attempt to identify his sources. Even under the new laws, the metadata of journalists can only be accessed with a warrant, yet the AFP ignored these rules in order to conduct an illegal witch hunt.
AFP Commissioner Andrew Colvin put this breach down to “human error”, but the excuses fail to justify a corruption of the law at the highest level.
Triggs reveals that an astounding 57 organisations across Australia are campaigning for access to metadata. These organisations include the Australian Greyhound Racing Association, the Australian Taxi Industry Association, and Australia Post. What abuses of power could stem from granting them access can only be imagined, but as Triggs warns, “If it can happen, it will happen”.
Those currently standing against metadata retention face tough competition. Looking beyond the incompetence of current political leadership, and flaccid opposition towing the line as they wait for their hour of power (another warning from Triggs: “bipartisanship, in anything, is bad”), Australia offers little in the way of constitutional protection for the protection of its citizen’s privacy. The result? Overreaching policy, the likes of which have been deemed invalid across European nations.
But they have been implemented to terrify Australians, Ludlum declares. To not have them, supporters of the law like Tony Abbott have exclaimed, is to invite terrorists and pedophiles into our neighbourhoods. So while the fight against the laws have been loud, they have mostly been ignored.
And so they will be, Triggs notes regrettably, until a “cataclysmic event” strikes our nation, and proves that such schemes do little to protect those who sacrifice their privacy to retain a sense of security.
For now, opponents to the laws must watch and wait as their rights are further exploited. As Ludlam reveals, metadata is only the beginning. In 2018, the Gold Coast will host the Commonwealth Games. There, a new security system will be trialled across the city. Cameras with facial capture and recognition software will be placed in key areas. This data will be paired with metadata collected from the individual’s mobile phones, allowing them to be tracked.
Ludlam and Triggs end the dystopic discussion not with a message of home, but one of activism. “This is not about technical aptitude. This is a political issue, one that can be mapped to news polls.” To solve it, Australians must be vocal in their criticism. We must hold governments and organisations with access to this data to account, and demonstrate our desire to retain our privacy.
Because if we do not force them to change, nothing will.
For more information on metadata retention in Australia, visit
digitalrightswatch.org.au
“That means that whatever exists, exists in perpetuity on unregulated servers to which members of these organisations have unlimited access.”
I can promise you, no ISP is keeping this stuff for a minute longer than the statutory period of two years. That takes up storage, which costs money and I’m not being paid to store it. So it’s gone. Also, my guess is many ISPs are staffed with people who aren’t fans of the legislation either so I’m following the rules but not any further.
Hi Chris.
I appreciate your reply, and thank you for the clarification. Ludlam was talking more broadly – not specifically ISPs, but about any organisation that has been granted access to the metadata.