Forensic expert backs Telecommunications Act changes

Leading forensic computer lab director describes calls for intercepted data to be destroyed "as soon as it is no longer required" as shortsighted

A call for intercepted data to be destroyed "as soon as it is no longer required" has been described as shortsighted by the director of one of the country's leading forensic computer labs.

The call is part of the Greens’ opposition to amendments to the Telecommunications (Interception And Access) Amendment Bill 2009. Greens Senator, Scott Ludlam raised his opposition to a report into the Government's proposed changes to the Telecommunications Interception Act, which was tabled in the Senate.

In particular, the Greens have called for greater clarification around "network protection duties" and "disciplinary actions". They are also seeking tighter requirements around destroying copies of intercepted communications.

"In fact we see this requirement that intercepted information be destroyed as soon as it is no longer required, as fundamental to getting the balance right," Ludlam said in a release.

However, the director of the forensic computer lab at University of South Australia, Jill Slay, who also undertakes work with the Australian Federal Police (AFP) and other Government agencies, described the call as shortsighted.

Slay is one of many researchers around the world working on projects that, among other things, look at how data can be obtained from networks and devices (such as mobile phones) and used to help fight against crime and protect against cyber security threats.

In response to the Greens' call, Slay acknowledged the privacy concerns as genuine but said it needs to be balanced against using data to gather intelligence for the purpose of fighting crime and protecting the nation against external threats, whether they are from non-state actors or nation states.

She drew a parallel with the seizure of computers and how long police are allowed to hold them for, which varies across states.

In the year to June 30, 2008, Australian authorities 3254 interceptions compared to roughly 170,000 in the United States.
"In some states the police are genuinely hampered by the really short time they are allowed to hang on to a computer," she said. "I think it is something that has developed over the years, when you could easily sort through a hard disk and see what was there it was okay. But when you just have an increase of something like 10 to the power of 5 in data over 10 years, we just can't trawl anymore; you don't know where the smoking gun is. When you have major crimes and terrorism and you have so many pieces of evidence, like the bombing in London when they had 600 mobile phones, you don't actually know what you are looking for. To put those kinds of artificial limitations on the police — I just don't want to do that."

Slay added it would be difficult to say when the data would not be required any more and agreed if the data had traveled over a public network there would most likely be other copies in existence and accessible by anyone with the right skills and therefore not private. Federal attorney general, Robert McClelland, has argued that changes to the Act will strike an effective balance between protecting networks from malicious activities while protecting users from unnecessary or unwarranted intrusion.

Introducing the bill for its second reading last week, McClelland said in attempting to strike a balance, the amendments recognised the general prohibition against interception and identified the circumstances in which the access, use and disclosure of information for network protection purposes would be permitted.

“The bill does not oblige network operators to undertake network protection; nor does it specify any type of technology that must be used,” McClelland said. “I stress and emphasise that because there was some criticism, when this matter was originally put in the public domain for disclosure, that in some way the government was avoiding its responsibilities to protect networks and putting those responsibilities on private users. That is not the case.”

The Federal Government has also announced a new Cyber Security Strategy and said it would launch a new emergency response team called CERT Australia. And earlier in the year, a new Cyber Security Operations Centre (CSOC) was announced as part of the Defence White Paper to boost the country's cyber warfare capabilities.

The moves have been supported by several parties, including academics and analysts like Slay, who argue the threat to Australia's national infrastructure — both public and private — is very real and will only increase going forward.

However, others have called for greater transparency around the respective groups' activities and the Privacy Commissioner, Electronic Frontiers Australia and the Australian Law Reform Commission have sided with those demanding greater privacy.

Additional reporting by Tim Lohman

Sign up for Computerworld's newsletters.

Got a tip on the Telecommunications Bill?Email Computerworld or follow @computerworldau on Twitter and let us know your thoughts.

More about: Australian Federal Police, Bill, CERT, etwork, Exposure, Federal Police, University of South, University of South Australia
References show all

Comments

1

Anonymous

Wed 25/11/2009 - 13:20

Only the Greens and their fellow-travellers would be likely to come up with something that is so completely unrelated to reality.

It seems that criminals are often not brought to account because clever lawyers and not so clever privacy panjandrums have imposed unreasonable constraints on judicial processes.

2

Anonymous

Thu 26/11/2009 - 07:47

there is alot to think about when it comes to this topic.
If the data was not relevent to any form of legal prosecution & the possession of peoples personal data can cuase injustices the data should be destroyed, The only way i can see it being justified is, if there were grounds for monitoring a specific person who has been found commiting a crime and more evidence needs to be gathered to prosecute. If all irrelvent data and information that is collected was destroyed within a short time there will be less risk that it can be used to expoit innocent people. The ramifications for mankind in mass data collection and storage in my opinion is going to be devistating to individuals endevours and successes and general ways of life, especially in our future. In this rapidly evolving technologically driven world, i dont want a future where a few people can, in a few seconds violate us by cifering through our personal data & cross examine our stored electronic history & corilate an entire concensus on our existance it is very dangerous, the potential exploitation of stored personal data is endless with the development of artifical intelligence who knows what will come of it, Leaders need to be respectful and mindful about the decisions they make today.

3

harry c

Thu 26/11/2009 - 10:30

What do the public want? This is never taken into consideration. Big brother at its worst.

4

Graham

Thu 26/11/2009 - 10:40

Surely, the first thing the authorities do when they seize a suspect's computer is to take a copy of it. Then they can return the original and "trawl" as they need.

And, surely, if the authorities are investigating somebody, their informations is not "no longer required" and hence can be kept until the investigation is complete.

What the police want is everything to be kept about everybody on the prospect that they may be involved in some future investigation. That's what I object to (and, I think, is Senator Ludlam's point).

5

Anonymous

Thu 26/11/2009 - 15:43

I believe that Ms Slay highlighted her prejudice that all info should be open to investigation: "Slay added ... if the data had traveled over a public network there would most likely be other copies in existence ... therefore not private."
-- how does my "private" communication suddenly become not private, because it travelled over a public network??? With that logic my mobile phone broadcast to the nearest tower should be ok to be intercepted?
There is a difference between there being an opportunity to unscrupulously intercept my communicaton, and my right to privacy.

-- If copies exist in the network, they are transient, and when buffers/memory get full will be overwritten. They do not exist in the long term.

-- It is hard to say how long information might be needed? I'd say as long as someone was "a person of interest", and as long as a warrant allows. If the investigation is ongoing, law enforcement/security services can apply for an extension, let a judicial process decide if such an invasion of privacy is warranted.

There needs to be oversight, and there needs to be accountability...not just a loosely worded change to Telecommunications laws. Internet traffic (e-mail, chat, VOIP, banking, e-commerce) will become the major form of communication in future. It must have watertight protections of individual freedoms entrenched in law, and terms like "network protection duties" and "disciplinary actions" must be very clearly defined.

One of the explanations for these terms remaining ill defined is that technology changes and the law needs to be flexible. If technology develops, the law should too! There are many examples of where laws have been able to adapt in the past:
- Seat belts were made compulsory, radar detectors were banned in vehicles.
- .08 changed to .05, changed to .00 for L's and P's.
- anti-terrorism laws are evolving
- guns laws were tightened up

These were all responses to changing needs. Why should communications be different?

6

Anonymous

Thu 26/11/2009 - 21:15

in regards to the last post i find it a contradiction that its an enforcable law that we wear seatbelts in our vehicals yet all government run public transport like bus's, trains, monorail and trams dont even have them installed, even for those that would like the assurance of wearing one, I like to think myself free so i think it should be at the disgression of the driver and his passengers if seatbelts are worn.
i also think gun laws is a joke guns are not the problem a few people are, criminals will always have access to guns, so when it comes to gun violence you will always have to be concerned its just now innocent people will no longer be able to defend themselves againt them kind of criminals if needed 35 years ago all bank tellers had a gun behind the counter and were allowed to use it even without a license, my father bought a gun from mick simmons in the city when he was young and didnt need a license just walked in and paid his money and bought himself a gun and was able to enjoy going bush for some hunting and target shooting now my generation and future generations wont have that opertunity we have the media instead, dont forget we are surrounded by lethal weapons daily for example a car can be used in much the same way a gun can except it doesnt need reloading for acouple hundred Km's. In regards to Terrorism the definition of the word i find is "the systematic use of terror especially as a means of coercion" the only people in australia who have used any major form of terrorism for political coercion in my memory is the media, most people ive met who have fears were influenced by the media as a way to introduce their political views or help introduce new regulation which is an obvious form of political coercion no matter how harmless some people see it, society conciousness is effected in a very bad way So id hope some of the major develoments in regards to that include more media scrutiny and regulations.

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: cert, cyber security, Cyber Security Operations Centre (CSOC), defence, privacy, telecommunications interception act
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/150/handbrake/

HandBrake

HandBrake is an opensource tool that allows you to backup your DVDs so that you can store and watch them on your computer. Features include: ...

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia