Friday, June 11, 2010

Australian Wants ISPs to Record Browsing History

Via ZDNet.com.au -

Companies who provide customers with a connection to the internet may soon have to retain subscriber's private web browsing history for law enforcement to examine when requested, a move which has been widely criticised by industry insiders.

he Attorney-General's Department yesterday confirmed to ZDNet Australia that it had been in discussions with industry on implementing a data retention regime in Australia. Such a regime would require companies providing internet access to log and retain customer's private web browsing history for a certain period of time for law enforcement to access when needed.

Currently, companies that provide customers with a connection to the internet don't retain or log subscriber's private web browsing history unless they are given an interception warrant by law enforcement, usually approved by a judge. It is only then that companies can legally begin tapping a customer's internet connection.

In March 2006, the European Union formally adopted its data retention directive (PDF), a directive which the Australian Government said it wished to use as an example if it implemented such a regime.

"The Attorney-General's Department has been looking at the European Directive on Data Retention, to consider whether such a regime is appropriate within Australia's law enforcement and security context," a statement from the Attorney-General's Department to ZDNet Australia said yesterday. "It has consulted broadly with the telecommunications industry."

The EU regime requires that the communications providers from certain EU member states retain necessary data as specified in the Directive for a period of between six and 24 months.

One internet service provider (ISP) source told ZDNet Australia that the Australian regime, if implemented, could go as far as recording each URL a customer visited and all emails.

That source said such a regime "would be scary and very expensive".

Another industry source said Australians should "be very f***ing afraid".

They said the regime being considered by the Australian Government could see data held for much longer than EU Directive time of 24 months — it would be more like five or ten years.

[...]

Internet Industry Association (IIA) chief executive officer (CEO) Peter Coroneos also confirmed that the industry was having discussions with the Attorney-General's Department.

[...]

Electronic Frontier Australia (EFA) chair Colin Jacobs said the regime was "a step too far".

"At some point data retention laws can be reasonable, but highly-personal information such as browsing history is a step too far," Jacobs said. "You can't treat everybody like a criminal. That would be like tapping people's phones before they are suspected of doing any crime."

He added that browser history could reveal all sorts of personal information. "And furthermore, the way the internet works, it's a huge amount of data to be kept and it requires some snooping on the part of the ISPs into which [web] pages people are looking at."

In February, the senate passed a Bill allowing ISPs to intercept traffic as part of "network protection activities". According to an ISP source, it's likely another Bill would be required for a data retention regime to be implemented.

No comments:

Post a Comment