Metadata retention

Without the content of a message, you’re privacy can’t be breached, can it? What the hell is metadata anyway? Thankfully the Attorney General has posted a clarifying letter which makes it quite clear they will be pursuing the EU model (which has already been declared unconstitutional in Germany, Romania and the Czech Republic).

The metadata applies to:

landline, mobile telephony, internet access, internet email and internet telephony.

And the metadata contains:

  • the source of a communication
  • the destination of a communication
  • the date, time and duration of a communication
  • the type of a communication
  • the users’ communication equipment or what purports to be their equipment
  • the location of mobile communication equipment

Let’s break this down. Millions of Australians have smart phones which are constantly using the internet to check for new email, download updates, synchronize calenders etc. Every time this happens, their location (presumably which mobile phone towers they are connected to) will be monitored and stored.

If this model is followed, the minute to minute movements of millions of Australians for two years will be monitored and stored. If that isn’t a gross invasion of privacy, I don’t know what is.

Edit: Rodney posted the video below which tells the story better than I ever could.

Gone in 60 seconds – How to bypass data retention in under a minute

If the proposed expansion of national security powers and internet surveillance comes to pass, many people will want to bypass it to protect their right to privacy. Here’s one way to do it.

  1. Go to
  2. Pay $40 for a yearly account
  3. Download and install their software
  4. Log in to your account and connect

That it, you’re done in less than a minute. All your internet traffic will be encrypted and routed through their servers, bypassing any data retention by the Australian government.

Of course this raises the question, if it can be bypassed so easily, for $40 a year, how could the system possibly hope to catch determined criminals? I challenge the scheme’s supporters to provide an answer.

Send Nicola Roxon a copy of 1984

Given the recent push for increased surveillance, ISP data retention, and the erosion of any “right to remain silent”, I wonder if Nicola Roxon has read 1984.

First edition cover of George Orwell's 1984

Let’s make sure she has, or at least that she re-reads it, given the circumstances. I’m going to buy her a copy and send it to her address at parliament house:

Attorney-General Nicola Roxon
Parliament House, Canberra 2600

You can do the same. Find a copy in your local book store, or order online at fishpond ($9.51 including shipping), book depository ($9.43 including shipping), or amazon. Be sure to mark it as a gift and include a note, but be civil. We are trying to convince her that our privacy and freedoms are important, and that new powers will violate them in an attempt to catch criminals that has dubious efficacy at best. Twenty copies of 1984 landing on her desk should get our message across.

If you send one, let me know in the comments so I can tally it up. If you’d like to remain somewhat anonymous, I could send one on your behalf, just contact me on email at, using my public key for encryption of course. I promise not to retain your data.

ISP Data Retention

So Nicola Roxon (Labor MP and Governer General), you think it would be a great idea to force ISPs to store our browsing history for 2 years. This is apparently needed to catch the bad guys. What could possibly go wrong?

Well for starters, it won’t actually stop criminals. Anybody doing anything illegal online will decide to use some form of encryption or anonymity.

This will only hurt law abiding citizens. The price of broadband will go up. Collecting and storing all this data will cost the ISPs money, and they will have little choice but to pass this cost on to their customers. Secondly, all this data is a goldmine – for advertisers, scammers and criminals. They will break into the ISPs and steal the data, making it available to everyone. You aren’t hurting criminals, you’re helping them.

Our privacy is important. Maybe I write pseudonymous fan fiction based on the tv show Glee, maybe I just googled “how to tell if you have herpes”. Maybe I don’t want the whole world knowing these things. Maybe some of your fellow MPs are into cross-dressing, or something equally innocuous they they nevertheless want kept private.

This is another one of those ridiculous schemes like the internet filter – there’s no win for anybody. It’s lose lose lose lose lose. Don’t be stupid Roxon.

For the same arguments written by someone better, check out Nick Ross’ article on the ABC.

Fake enrollments?

It seems there is some debate in various states in the USA about preventing vote fraud by requiring ID to be presented when voting (and whether or not that actually works). This got me thinking; what stops dodgy voting practices over here in Australia?

My first thought was that compulsory voting takes care of it all for us. Unlike the USA, we don’t have to worry about people pretending to vote as someone else, because everyone has to vote. If someone votes twice at the same booth, their name will already be crossed off and the alarm will be raised. If someone votes twice at different booths, presumeably they take those big ledgers and cross check them against each other to discover it (at least I hope that the “have you already voted today?” question isn’t the last line of defence against vote stacking).

But what’s to stop someone simply enrolling twice (or more) in different electorates? With different fake names? I wouldn’t put it past some political parties, given their blatant unethical behaviour in the past regarding fake “how to vote” cards. Let’s take a look at the electoral enrolment form:

Enrolment form

All that is required for a new enrolment is that the enrolment form be witnessed by someone who is already enrolled. So pick someone you dislike, (or just someone at random after you steal their junk mail) and fake their signature. Viola, Mr Dude Awesome of 1 Rad St Bodaciousville Victoria is now eligible to vote. Or is he?

What kind of checking goes on behind the scenes? Surely somewhere the government has a big list of all citizen’s names right? When you are born, you go on the list. When you immigrate and naturalize, you go on the list. So couldn’t they check this list to make sure Mr Dude Awesome actually exists? Well yeah sure, after all “Mr Dude Awesome” sticks out like a sore thumb. But what if we picked “John Smith” as our fake name? Then instead of matching one entry, they’d have to check the number of John Smiths enrolled versus the number of John Smiths eligible to be enrolled. But don’t we all know someone who hasn’t ever enrolled or voted, and has never got in trouble for it? I don’t think this type of checking will work.

Obviously at some level a rigged election becomes obvious. If the enrolled population in an electorate doubles despite no change in demographics, someone has to be cheating. But vote rigging wouldn’t need to be so blatant in order to effect the election results. Need I remind you that the most recent federal election was the closest ever, with control being decided by who the independant MPs chose to back? A hundred or so fake voters in a swinging electorate could easily make all the difference, but how could we detect them?

Unfortunately (in this case) voting is anonymous. If we could match up the new enrollee’s actual votes, we could see a disproportionate shift to the party doing the rigging. Instead, all we can try is to compare an electorate’s votes with its pre-poll results, but that would probably be messy and inconclusive. Besides, at best these kind techniques can only determine that rigging has taken place after the fact, they can’t nab the fraudsters when they show up to the booth, which means they get off scott free.

What about checking the address of the newly enrolled person? Somewhere the government must keep a list of all street and suburb names. Surely they can check that the address is at least valid; hell, I can do it myself with google maps. To get around this the perpetrator could supply a valid address at random from the street directory and just hope that the existing tenants aren’t too thorough in marking their mail “not at this address” and shoving it back in the postbox. But who among us hasn’t received mail for an old tenant and simply chucked it out? Still, it is one way of checking that could possibly lead to the culprit being nabbed when they show up at the voting booth.

Ultimately I can’t think of an effective and elegant way of detecting vote stacking like this but I’ve only spent half an hour thinking about it. Someone smarter than me at the electoral commission has probably spent a lot of time on it, and the systems are all in place… I hope?