You are here

What is the meaning and what is the use of ‘metadata retention’?

August 26, 2014

What is the meaning and what is the use of ‘metadata retention’?

By Mark Rix 

Privacy and individuals’ ability to remain anonymous are important protections against persecution, bullying, intimidation and retaliation. These can be perpetrated by other people, private businesses and, perhaps most seriously, the state and its police and intelligence agencies.

Restricting anonymity through the retention of metadata can have a chilling effect by discouraging individuals from freely expressing and sharing their thoughts, opinions and ideas with each other. Thus, it also has a corrosive effect on democracy, by undermining the very rights and freedoms that underpin it.

Restricting anonymity through the retention of metadata can have a corrosive effect on democracy. Image: Flickr/g4II4is

 

Lack of clarity hurts case

In light of the above it is pretty unsettling that the federal government has been so confused about what the metadata it wants to retain actually is. Attorney-general George Brandis, who has responsibility for overseeing the warrantless metadata retention regime envisaged by the National Security Committee of Cabinet, seems to be the most confused of all.

Things become even more worrying when it is realised that communications minister Malcolm Turnbull is not a member of the committee. He was not consulted before it decided to pursue mandatory data retention. His intervention was required later in the debate after Brandis stumbled in his explanation.  

 

 

Attorney-general George Brandis struggles to explain what the metadata retention involves.

 

Clarity, transparency and certainty had already become collateral casualties with the government’s careless bandying about of the metadata-as-envelope metaphor as Brandis, prime minister Tony Abbott and others were drawn into the debate.

Briefly, this metaphor is supposed to convince us that because the government isn’t interested in reading the contents of our “letters” (internet-based communications) but only “envelopes” (aka metadata, including internet protocol addresses of senders and receivers of messages) metadata retention should be of no concern.

We have yet to see the detail of the proposal, but are told we should welcome it. According to ASIO director-general David Irvine, the retention of metadata is “absolutely crucial” in monitoring and disrupting terror cells. And in any case, AFP Deputy Commissioner Andrew Colvin reminded everyone, access to metadata:

… is not a new power for law enforcement and security agencies in this country.

Australian Privacy Commissioner Timothy Pilgrim threw a potentially large spanner in the works. In an August 8 statement, he suggested it wasn’t at all clear what type of data and information the government wanted to be retained. Nevertheless, it seems likely that the large amounts of information to be retained will:

… contain or reveal a great deal of information about people’s private lives [which could] be considered ‘personal information’ under the Privacy Act.

The telcos retaining the personal data would thus have to comply with all their obligations under the act. This includes protecting the retained data from misuse, disclosure, contamination, loss and so on.

Intelligence report card is mixed at best

So, how important for the prevention of terrorism and protection of national security is the retention of metadata? Unfortunately, because of the secrecy shrouding “national security”, it is virtually impossible for the public to assess whether the actions of police and intelligence agencies are necessary. And, even if necessary, it is difficult to assess how effective they are in doing so.

Is, for example, the retention of metadata “absolutely crucial” in monitoring and disrupting terror cells? And is retention of our internet communications metadata, which effectively puts all of us under suspicion of being a potential threat to national security, proportionate to the threat posed by terror cells?

US Democratic senators Ron Wyden and Mark Udall, both members of the Senate Intelligence Committee and strong advocates for Americans' freedoms and privacy, have concluded:

Based on evidence that we have seen, it appears that multiple terrorist plots have been disrupted at least in part because of information obtained under section 702 of FISA [the Foreign Intelligence Surveillance Act].

This section of FISA permits collection of phone and internet communications using the PRISM program. PRISM gives the National Security Agency (NSA) access to the communications of users of internet services including Microsoft, Google, Yahoo and Facebook. As a “five eyes” security partner, Australia has access to PRISM data.

Other commentators aren’t so sure about even the limited efficacy of bulk surveillance and retention of internet communications (emails) claimed by Wyden and Udall. For example, after reviewing the NSA’s surveillance programs, a team of American researchers concluded that US government claims that NSA’s bulk collection of Americans’ phone and email communications records keeps the nation safe from terrorism are “overblown and even misleading”.

Even information that the CIA and FBI collect using conventional law enforcement and intelligence methods is not sufficiently understood or shared between them, or with the NSA, to make it as useful as it should be.

Wyden and Udall reached their conclusions having had access to classified information. The research team reached theirs based on information on the public record. Each conclusion is troubling in its own way but Wyden and Udall’s is perhaps more so.

For if the latter opinion is correct, then Australia’s national security depends on the retention of classified information, much of which has been gathered through warrantless bulk (indiscriminate) surveillance. That compromises everyone’s privacy and treats us all as suspects. This is the meaning of metadata retention.

This article was originally published on The Conversation. Read the original article.