Australia Begins Mass Data Retention

 

Large amounts of telecommunications metadata must now be kept for, at least, two years by Australian telecommunications companies after a new law that came into effect recently.

It includes data on who called or texted whom and for how long, as well as location, volume of data exchanged, device information and email IP data. Some data was already being retained but the new rules expand on this. It also makes it much easier for authorities to access the records.

The new law has caused heated debate among Australians with some justifying the expanded data retention and others pointing out flaws in the plan.

The bill was introduced to the Australian parliament when current prime minister, Malcolm Turnbull, was communications minister. He called it "critical" for security agencies and law enforcement, citing investigations into domestic terrorism.

"No responsible government can sit by while those who protect us lose access to vital information, particularly in the current high threat environment," he said at the time, in a joint statement with Attorney-General George Brandis.
 
The government has stressed that the data retained is only "metadata" and does not include the content of calls and messages themselves. The law also does not require firms hold on to a web users' browsing history. The authorities also point out that some of this data was already being retained by telecommunications companies, albeit on an ad hoc basis.

Third-party email, video, and social media platforms such as Gmail, Hotmail, Facebook and Skype are also exempt from some of the data retention requirements, as are internal email and telephone networks, such as those provided by corporate firms and universities.
 

_86087254_7f9c2a99-60a2-43c0-8d83-f99968c9fa65.jpg

NSA leaker Edward Snowden weighed in on the new rules

Opponents point out that, considered in entirety, such metadata paints a detailed picture of what people are doing, even if the content of messages is not included. They also point out that while terrorism and child abuse investigations are often cited, the new rules allow for data to be requested for much more minor crimes. The process of request has also become much easier. Typically it will not now require a warrant. It will still take a warrant to access a journalist's data to identify their sources, but that hearing will take place in private. And no warrant is needed for government agencies to search the data of its own ranks if that is where they suspect the source lies. 

There are fears too that having introduced the legislation, it will be tightened further in future. The multi-million dollar scheme has also come under fire for its cost, which will be partially borne by the government.

Australian Green Party Senator Scott Ludlam tweeted that it was "absurdly expensive and complex for ISPs to implement, trivially easy for anyone to defeat" - a reference to the prime minister's admission that he also uses encrypted messaging apps.

The Green Party voted against the bill, along with six independent senators, but was overwhelmingly defeated.

The security of the servers used to hold the data has also been a question, with mass data breaches becoming increasingly common around the world.

There have also been reports that some companies are unsure whether they are covered by the new laws and exactly what data they need to keep.

BBC:http://http://bbc.in/1QmW9pt

 

 

« Second Snowden Has Leaked Drone Docs
Cyberattack: Millions Stolen From UK Bank Accounts »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Industrial Cyber Security

Industrial Cyber Security

Industrial Cyber Security provides specialist consulting services in enterprise and SCADA system security.

Ellipsis Technologies

Ellipsis Technologies

Ellipsis Technologies is a diversified technology company that develops innovative security software for websites and online applications.

NAVEX Global

NAVEX Global

NAVEX Global’s compliance management system consolidates your entire GRC program onto a scalable cloud-based platform.

Cortado Mobile Solutions

Cortado Mobile Solutions

Cortado Mobile Solutions creates enterprise mobility and file sharing solutions for companies, teams and freelancers.

Cytelligence

Cytelligence

Cytelligence is a cyber security consulting company with deep expertise in Cyber Breach Response, Cyber Breach Investigations, and Digital Forensics.

Archivo

Archivo

Archivo is a value added reseller focused on Disaster Recovery as a Service (DRaaS), backup, hyper-convergence, hybrid storage and Cyber security.

AttackIQ

AttackIQ

AttackIQ delivers continuous validation of your enterprise security program so you can strengthen your security posture and your response capabilities.

Transmit Security

Transmit Security

The Transmit Security Platform provides a solution for managing identity across applications while maintaining security and usability.

KETS Quantum Security

KETS Quantum Security

KETS harnesses the properties of quantum mechanics to solve challenging problems in randomness generation and secure key distribution and enable ultra secure communications.

Thoma Bravo

Thoma Bravo

Thoma Bravo is a leading private equity firm with a 40+ year history and a focus on investing in software and technology companies.

Nardello & Co

Nardello & Co

Nardello & Co. is a global investigations firm with experienced professionals handling a broad range of issues including Digital Investigations & Cybersecurity.

link22

link22

link22 offers a high level of expertise within IT security and system solutions. We help public and private actors with highly secure IT-solutions.

iVision

iVision

iVision is a technology integration and management firm that engineers success for clients through objective recommendations, process and technology expertise and best-of-breed guidance.

Cytek

Cytek

Cytek is a leading provider of cybersecurity and HIPAA compliance for dental practices and other industries.

Hummingbird International

Hummingbird International

Hummingbird International, LLC offers services for the collection, audit, computer recycling and safe disposal of laptops, monitor/LCD, hard drives, and IT disposal.

Cytacs

Cytacs

Cytacs is the AI-powered cyber security platform specifically designed for small and medium-scale enterprises.