The Australian Securities and Investment Commission has called for sweeping powers so it can access phone call and internet data for its war on white-collar crime.
Not only does the authority want the powers to intercept the times, dates and details of telecommunications information, it also wants to access the contents of emails, social media chats and text messages.
This is more power than the Australian Federal Police and the Australian Security Intelligence Organisation have sought to assist the crime agencies in investigating terrorism and murder suspects.
A parliamentary inquiry has been set up to examine controversial proposals to force telecommunication companies to store details about every Australian's phone and internet use for up to two years. Some of that information, including telephone logs, could then be subject to law enforcement agencies with a warrant. Other information could be accessed without a warrant. Currently, it is up to telcos to determine how long they store that information.
A discussion paper put out by the Attorney-General's department stresses that the government only wanted so-called metadata – which includes times, locations and durations of phone and internet communication – stored by the telcos.
But ASIC commissioner Greg Tanzer told a parliamentary inquiry in Sydney today ASIC wanted the contents of communications stored, too.
"We want both," he told the inquiry.
In addition to this, Mr Tanzer said the authority had the power to seek warrants for stored data, but wanted the ability to intercept phone calls to help its investigations of white-collar crime.
Liberal Senator George Brandis suggested the move could be a "classic case of function creep", and questioned why it was more appropriate that investigations of white-collar crime have access to a range of comprehensive data that investigators of murder did not.
But Internet Society of Australia president Narelle Clark said metadata included a range of information about people's internet use beyond dates and times.
With access to the website URL a person had visited, she said, it was possible to in some cases access their login details and passwords, and information about where people had been on the web, for how long, and the contents of the web page visited.
Vodafone Agency Liaison Manager David Moss said the company currently only stored customer billing data.
This could include the times, dates and locations of calls made, and the locations of the person being called.
"There's no mystery about it; all businesses keep a record of their transactions for some time," he said.
But, he said, the company and other telcos were concerned at the cost and work involved with being forced to store huge troves of customers' data for two years.
Internet provider iiNet, which has about 820,000 customers, said the government had not provided enough detail for the company to understand how much data would need to be kept.
But, taken to the extreme, keeping all internet information of all its customers for two years would be "stupendous volumes of data, many of which will never be used".
iiNet carries about one million uniform resource locators [URL] per second on its network and said it would have to store all of this information to comply with the proposed legislation.
Preliminary calculations were that it would cost $3 million per month to follow the federal government's wishes, and $400 million across the industry to set it up.
iiNet's regulatory officer Steve Dalby said Attorney General Nicola Roxon expressed interest in knowing the "destination of communication" on the internet. This information is easily available for telephone calls on fixed and mobile networks "because the destination for a phone call is typically a single point identifiable by its telephone number", Mr Dalby said.
"But destination of communication to a website consists of hundreds of thousands of individual points. Because the way the internet operates, each item or object or device on the internet gets its own [unique] address."
Senator George Brandis noted: "What you seem to be saying really is that this is just too much, it is too expensive to be feasible for an ISP to comply with this obligation?"
Mr Dalby replied that although it was technically feasible to keep all website and traffic information for two years, it was a question of cost. However, iiNet also argued it already helps law enforcement agencies gather information on specific targets. And there was no evidence that gathering massive amounts of data on every Australian would improved national security, Mr Dalby said.
"What has not been argued is that [existing laws] have been a massive failure ... and absence of information that if we had it, we would have stopped these things."
Telstra representatives revealed it could not retain any information about what its customers do on applications such as YouTube, online video-conferencing service Skype, auction site eBay or money transfer service PayPal.
"We cannot capture or provide any metadata or any content around something like Gmail because it is Google-owned, it is off-shore and it is over the top of our network. The real value of what we might have in a data retention scheme would be greatly diminished as soon as the organised criminals and potential terrorists knew that we were not capturing that data," Telstra's director of corporate security and investigations, Darren Kane said.
And Telstra already gives police access to metadata such as its integrated public number database (IPND), which contains the names and addresses of fixed phones and details about mobile phone owners. This information is available under current laws, but some police may not know this, Telstra's director of
No comments:
Post a Comment