Sir Tim Berners-Lee, the man who invented the world wide web, has issued a warning that Australia’s proposed data retention laws are a “really, really bad idea”.
The Parliamentary Joint Committee on Intelligence and Security is currently conducting an inquiry into reforms to Australia’s interception and security legislation.
One of the most contentious aspects of the terms of reference include "tailored data retention periods for up to two years for parts of a data set, with specific timeframes taking into account agency priorities and privacy and cost impacts".
Berners-Lee said while it is important for countries to be able to defend themselves from cyber attack, there are inherent dangers on “snooping” on people.
“On one side, the danger of that information is it won’t contain information to stop serious criminals, only the people who have taken out too many library books,” he said at today’s launch of the CSIRO’s Digital Productivity and Services Flagship program.
He said the information police agencies were looking at and collating could be dangerous if it was hacked and “you have to think about it as dynamite”.
Berners-Lee also suggested a new government agency would need to be set up to the track agencies that are collecting information.
“You have to have another government agency with the same power looking at that first government agency to track [it],” he said.
“I have seen no country which is set up with two [organisations] that are part of the ‘watchers’ – the watchers and the watchers of the watchers with reciprocal powers to check [each other].
“The whole thing seems to be fraught with massive danger and probably a really, really bad idea.”
David Irvine, director-general at ASIO, has previously said it was insulting to think ASIO staff would abuse powers given to it around data retention.
“Most ASIO officers would find it frankly insulting to think that an organisation which prides itself on acting in accordance with the law and very, very heavy accountability processes would allow itself to deviate into unwarranted intrusions into privacy,” Irvine told Background Briefing in October last year.
The proposed data retention laws have received extensive backlash from ISPs and privacy advocates.
iiNet told the parliamentary committee in September that a data retention scheme could cost the company $60 million to set up and that it would pass on the cost to customers, which would equate to around $5 extra per month.
In November last year, the Attorney-General’s Department told the inquiry it has not yet assessed the potential costs of implementing proposals around data retention.
Greens senator Scott Ludlam has said there are other issues in the federal government’s proposals for intelligence and security reforms, besides data retention, which are “creepy”.
For example, “Internet kill switches for targeted populations; the ability of ASIO to install malware on third-party computers who aren’t involved in investigations; the ability of intelligence agencies to commit crimes and then be forgiven for them behind the scenes – there’s a bunch of other stuff coming up behind data retention that actually is also kind of creepy,” Ludlam said in October last year.
Follow Stephanie McDonald on Twitter: @stephmcdonald0
Follow Computerworld Australia on Twitter: @ComputerworldAU