Data retain THIS, Mr Attorney General


In moves that should bemuse or terrify us (I’m undecided which), Australians have been subjugated to empty justifications, misunderstandings and general denial over this government’s plan for mandatory data retention.

Earlier this week, intrepid reporter and awesome guy Josh Taylor quoted the Attorney General as saying:

“The question of data retention is under active consideration by the government. I might point out to you as recently as yesterday, the House of Commons passed a new data retention statute. This is very much the way in which western nations are going,” he said.

And I “might point out” that if your friends all jumped off a cliff..?

You don’t need to read this. No, really

At the risk of preaching to this rather attractive choir that have assembled to read this post, there are serious ethical and technical concerns here.

Mass metadata surveillance would require an inordinate amount of storage and processing power, as well as the ability to archive and mine it in a meaningful way. The steep financial and performance penalties involved would be borne by the users of services, rendering Australia’s IT sector even less competitive.

Such a system represents a huge security and privacy risk, both by blackhats gaining access to this wealth of delicious data, as well as internal staff abusing it.

Ethically and legally, the idea of storing everyone’s information, regardless of whether they’re under suspicion, is a breathtaking overreach of government authority. If someone is to be investigated, a warrant should be served. It’s almost as if we figured this out before.

And finally, the activity would almost certainly backfire. Those who perform illegal activity, if they’re not already doing so, would merely cover their tracks with VPNs, vegetable flavoured routers and a ton of other tools. I assert it would also be trivial to pollute the pool of data, as well as plausibly deny or explain away connections. I have an open WiFi hotspot, no password on my computers and do AirBnB behind a NAT, how can you be sure it was me?

My favourite though would have to be the pathetic excuse that we shouldn’t worry about metadata collection, because it doesn’t invade our privacy and doesn’t reveal much about us. If so, why collect it?

There are far more technical and ethical issues at play here, but I’m just too tired. Maybe its time to do some more keysmash or random dictionary GET requests to random servers and search engines again.

Author bio and support


Ruben Schade is a technical writer and infrastructure architect in Sydney, Australia who refers to himself in the third person in bios. Hi!

The site is powered by Hugo, FreeBSD, and OpenZFS on OrionVM, everyone’s favourite bespoke cloud infrastructure provider.

If you found this post helpful or entertaining, you can shout me a coffee or send a comment. Thanks ☺️.