Monday, March 8, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Cops are getting full URLs under Australia’s data retention scheme

February 8, 2020
in Internet Security
Face recognition: Are Italy’s police using millions more mugshots than is legal?
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

The Commonwealth Ombudsman, Michael Manthorpe, has revealed that law enforcement agencies are being given the full URLs of web pages visited by people under investigation.

Australia’s mandatory telecommunications data retention scheme was meant to deliver only so-called “metadata” to the cops and spooks. Under the scheme, a warrant is not required.

You might also like

eSafety defends detail of Online Safety Bill as the ‘sausage that’s being made’

Maza Russian cybercriminal forum suffers data breach

Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud

But according to Manthorpe, the “ambiguity around the definition of content” means that agencies might effectively be receiving the content of communications.

The ombudsman explained his concerns during a hearing of the Parliamentary Joint Committee on Intelligence and Security (PJCIS) on Friday.

Senator Andrew Hastie, Committee Chair: Could you talk about your concerns regarding ambiguity around the definition of content and whether or not an agency should have access to that when disclosed by a carrier under an authorisation?

Michael Manthorpe, Commonwealth Ombudsman: Yes, essentially, the piece of ambiguity we have observed through our inspections is that sometimes the metadata, in the way it’s captured, particularly URL data, and sometimes IP addresses but particularly URL data, does start to actually in its granularity start to communicate something about the content of what is being looked at. That’s essentially the point we’re making.

Hastie: Just to be very clear, you get the URL, you get the full www. whatever it is .com?

Manthorpe: That’s right.

Hastie: Which can indicate indicate what they’re looking at.

Manthorpe: Exactly. It can be quite long, or it can be quite short, and in some cases the descriptor is long enough to start — we start to ask ourselves well that’s almost communicating content, even though it’s captured in the URL.

Hastie: And then multiple — we are getting too technical but you know — multiple clicks, for example, on a thread would generate more and more, I guess, content.

Manthorpe: That’s right. Yes, exactly. So it’s, we’re simply highlighting that I think when the scheme was commenced, the concept of metadata was probably thought to be quite a clean and delineable thing, but we know that there is a greyness on the edges here that we thought we should call out.

Hastie: Yeah. Sometimes there’s information on the envelope, so to speak, to use the analogy from a couple of years ago.

Manthorpe: That’s a good analogy.

As for the intelligence agencies, the Inspector-General of Intelligence and Security (IGIS), Margaret Stone, said that she wasn’t aware of any instances of content being provided unlawfully, but she echoed Manthorpe’s concerns.

“There is this assumption that you get more from content than metadata,” Stone told the committee.

“But when you look at the range of metadata, and what it tells you, there’s an argument that could be made that it is just as intrusive, or almost as intrusive, as content. You can tell a lot about what a person’s doing from that.”

See also: Why Australia is quickly developing a technology-based human rights problem (TechRepublic)  

‘Grave concerns’ that this wasn’t meant to happen

Labor Senator Anthony Byrne noted that the major telecommunications companies had given the government “numerous assurances … that they could keep metadata in a subset” away from the content.

“The federal government actually gave these telecommunications companies a substantial amount of money to ensure that that has actually happened,” Byrne said.

“If that’s not happening, that’s of grave concern to me.”

Byrne stressed that he wasn’t critical of the agencies, nor the Commonwealth Ombudsman’s office, merely that what he was now being told did not match how he thought the system was meant to work.

“We are undertaking a review of this mandatory data regime, whether or not it works, whether or not it could be improved,” he said. “It’s nothing more than that.”

Telco data requests are meant to be written down

Law enforcement agencies are obtaining telco data without written authorisation in a “very small number” of cases, according to ombudsman Manthorpe.

“In some cases, they issue an internal authorisation based on verbal advice. And at an operational level, I can understand why that might occur, but it isn’t catered for in the legislation,” he said.

“Sometimes, agencies — if they issue a verbal authorisation — do subsequently go to commit[ing it] to writing.”

Or, presumably, sometimes not.

“We see non-compliance in a small minority of cases generally, and this is one area of potential non-compliance,” Manthorpe said.

“I would want to emphasise that, you know, there is a big volume of authorisations, and as far as we can ascertain, most of them are authorised appropriately.”

However as the committee noted, with the huge number of authorisations issues, a small percentage might still represent a large absolute number.

In the 2018-2019 financial year, 295,691 authorisations to access metadata were issued across all state and federal law enforcement agencies. This number does not include those issued to intelligence agencies.

ASIO guidelines ‘well out of date’

The Attorney-General’s guidelines that cover data collection by the Australian Security and Intelligence Agency (ASIO) are “well out of date”, according to Margaret Stone.

“The present guidelines were issued in 2007, so guidance in relation to new powers introduced since then would be very helpful,” she said.

As well as accessing mandatory data retention, those new powers include Australia’s controversial encryption laws, and the power to conduit a range of “special operations”.

“We’ve been saying for many years now, that those guidelines need revising,” Stone said.

“They’re well out of date, the present guidelines.”

PJCIS has been hearing evidence as part of its review of the mandatory data retention scheme. These powers were legislated as Part 5-1A of the Telecommunications (Interception and Access) Act 1979, usually referred to as the TIA Act, in 2015.

The committee is due to report by April 13.

SEE ALSO

Credit: Zdnet

Previous Post

How AI Is Tracking the Coronavirus Outbreak

Next Post

Keeping Data Inclusivity Without Diluting your Results - Machine Learning Times

Related Posts

Bill establishing cyber abuse takedown scheme for adults enters Parliament
Internet Security

eSafety defends detail of Online Safety Bill as the ‘sausage that’s being made’

March 8, 2021
Maza Russian cybercriminal forum suffers data breach
Internet Security

Maza Russian cybercriminal forum suffers data breach

March 7, 2021
Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud
Internet Security

Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud

March 7, 2021
CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now
Internet Security

CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now

March 7, 2021
Linux distributions: All the talent and hard work that goes into building a good one
Internet Security

Linux distributions: All the talent and hard work that goes into building a good one

March 7, 2021
Next Post
The ML Times Is Growing – A Letter from the New Editor in Chief – Machine Learning Times

Keeping Data Inclusivity Without Diluting your Results - Machine Learning Times

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Top 6 Regression Techniques a Data Science Specialist Needs to Know
Data Science

Top 6 Regression Techniques a Data Science Specialist Needs to Know

March 8, 2021
Dataiku named as Gartner Leader for Data Science and Machine Learning
Machine Learning

Dataiku named as Gartner Leader for Data Science and Machine Learning

March 8, 2021
Bill establishing cyber abuse takedown scheme for adults enters Parliament
Internet Security

eSafety defends detail of Online Safety Bill as the ‘sausage that’s being made’

March 8, 2021
An Easy Way to Solve Complex Optimization Problems in Machine Learning
Data Science

An Easy Way to Solve Complex Optimization Problems in Machine Learning

March 8, 2021
Machine Learning Patentability In 2019: 5 Cases Analyzed And Lessons Learned Part 4 – Intellectual Property
Machine Learning

Podcast: Non-Binding Guidance: FDA Regulatory Developments In AI And Machine Learning – Food, Drugs, Healthcare, Life Sciences

March 8, 2021
Here’s an adorable factory game about machine learning and cats
Machine Learning

Here’s an adorable factory game about machine learning and cats

March 8, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Top 6 Regression Techniques a Data Science Specialist Needs to Know March 8, 2021
  • Dataiku named as Gartner Leader for Data Science and Machine Learning March 8, 2021
  • eSafety defends detail of Online Safety Bill as the ‘sausage that’s being made’ March 8, 2021
  • An Easy Way to Solve Complex Optimization Problems in Machine Learning March 8, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates