Will meta-data laws catch criminals, or turn civilians into suspects?

Last week, the Federal government’s controversial meta-data laws passed the Senate.

The laws require internet and phone service providers (ISPs) to store your meta-data for a period of two years, and to hand that information over to a raft of government agencies without them even having to obtain a warrant.

Many groups have voiced their concerns that the laws effectively remove personal privacy by giving government agencies access to confidential information such as your internet searches, URLs of internet pages, passwords, telephone data and email data.

The laws were pioneered by Attorney-General George Brandis, who claims that they are necessary to “identify suspects and networks of criminal associates” in order to fight against terrorism, child pornography and serious crime.

Just last week, Brandis stated that “metadata is the basic building block in nearly every counter-terrorism, counter-espionage and organised crime investigation.” But incredibly, he then conceded that “smart criminals will devise ways to get around the law.”

Brandis’ concession casts doubt about the likely effectiveness of the new laws in actually catching criminals, especially those who plan their activities, and adds further weight to the argument that the government’s unprecedented incursion on our privacy rights is unjustified.

Nothing More than a Farce

If you’re one of the many Australians unhappy about government agencies knowing your every move, you might be interested to know how to avoid your data being captured; after-all, smart criminals will almost certainly take steps to avoid their data being tracked, or may even capitalise on the situation by creating false alibis.

A range of simple ways to circumvent meta-data retention have already been identified on numerous internet technology websites; but if you’re not technologically inclined, our very own Communications Minister Malcolm Turnbull may be able to help you out.

In an interview with Sky News last week, Mr Turnbull made the somewhat bizarre move of detailing just how simple it is for journalists, whistleblowers and others seeking to avoid the laws to do so.

Overseas Communication Platforms

Turnbull pointed out that several communication platforms such as Skype, Whatsapp, Facetime and Wickr are based overseas – and that your ISP will therefore only be able to see that you have connected to their servers, but not who you are communicating with.

Earlier this month, Mr Turnbull confirmed that he now uses many of these services, including Whatsapp and Wickr, to avoid problems associated with unsecure methods of communication such as text messaging. He said that he made the move after several Federal MPs found themselves the subject of unwanted text messages sent by members of the public seeking to vent their concerns about meta-data retention.

In recent weeks, an activist campaign led by GetUp! has been doing the rounds on social media, encouraging Australians to ‘go dark’ and utilise anonymous browsing in a stand against the new laws.

The campaign encourages participants to change their Facebook and Twitter profiles to disseminate the message and to download anonymous web browsers to prevent ISPs from gathering information about their browsing habits or location.

Anonymous web browsers such as Tor, which was used by the notorious trading site The Silk Road to evade detection for years, are fully legal to use and are offered to users free of charge.

Virtual Private Networks

Others, including Greens Senator Scott Ludham, have pointed to alternative ways in which ordinary people – and of course potential criminals and terrorists – can easily avoid being tracked, such as virtual private networks (VPNs).

VPNs provide a formidable layer of security by ensuring that all data sent and received is encrypted. They also make it impossible to tell where you are when you are accessing the internet. Effectively, this means that any communications sent over VPNs circumvent the new metadata laws.

Best of all, using a VPN won’t cost you an arm and a leg – Senator Ludham helpfully advises that VPNs are available “at a very reasonable subscription rate.”

So, with a few easy steps and a very small investment, paedophiles and would-be terrorists can easily circumvent the government’s meta-data retention laws, while the rest of us surrender our personal data to potentially hundreds of employees from 13 government agencies at great financial cost, exposing ourselves to the dangers of misuse and fraud, with little foreseeable benefit.

Cost of implementing meta-data laws

As outlined in our previous posts, the Federal government’s website estimates the cost of implementing the meta-data retention laws at between $188 and $319 million – with customers likely to directly bear some of the costs through increased internet bills, and the rest coming out of of our hard-earned tax dollars.

Testra has announced that several million dollars more will need to be spent by telcos in an attempt to prevent sophisticated hackers from tapping into the goldmine of information (and potential profits) that two years of our stored data will create.

A (Not So) Cleverly Disguised Ploy to Gather Your Information?

Imagine you’re a drug dealer wishing to communicate with your customers over the net.

Or maybe you’re a potential terrorist seeking information about how to plan and carry out attacks on members of the public.

You’d probably want to cover your tracks, right?

So surely – if you didn’t already know how to do so – you’d be interested in the enormous amount of free information about how to avoid detection under the new meta-data laws.

If you’re lucky, you might even come across Malcolm Turnbull’s interview with Sky News, which would give you everything you need to know when it comes to circumventing the scheme.

If you were a ‘smart’ criminal bent on carrying out a heinous crime, these kinds of steps are only to be expected – after all, our Attorney-General even admits that ‘smart’ criminals will be able to bypass the laws.

Given the simplicity of mechanisms such as VPNs and overseas-based communication services as those highlighted by Malcolm Turnbull, one would expect criminals – and not just the ‘smart’ ones – to invest a little time and effort signing up.

This raises very real questions about the effectiveness of meta-data retention laws in actually detecting and preventing serious criminal activity.

Given the fact that it’s so easy to circumvent the laws, one might conclude that they are nothing more than a means for the government to collect private data about the ‘average Joe’ Australian without justification, and with all the dangers highlighted in our previous blogs.

As discussed in the second part of our special series on meta-data retention laws, this leaves ordinary Australians vulnerable to hacking, as well as unfounded allegations and prosecution by government agencies.