Metadata mission creep? Who would have thought?

Victoria_Police

The latest proposal from Victoria Police to monitor mobile phone use highlights the danger of mission creep under mandatory metadata retention laws:

The so-called textalysers… are able to analyse metadata to determine whether someone was using their mobile phone at a specific time – while driving, for example.

… The model proposed by New York authorities involves the analysis of a mobile device’s metadata after a road incident to determine whether the device had been used in the lead up to the event.
… Privacy laws are slowing progress of the proposed new legislation, although Israeli company Cellebrite, which produces the technology, claims that the textalyser system doesn’t have the ability to read the content of text messages and social media updates, but rather to determine whether the device was used at a certain time to send text messages.

However, Australia’s new metadata retention laws, which allow for the time and basic surface details of every message sent to be stored and made available to law enforcement agencies, could speed the technology’s introduction here.

While the government justified the introduction of metadata laws largely to fight terrorism, the inherent danger with gathering mountains of personal data (beyond privacy and data security issues) is that once it exists other entities will inevitably demand access (see that list here).

In fact, the IPA’s Simon Breheny predicted this as early as 2012, and the IPA’s Chris Berg warned about the likelihood of the compulsorily acquired metadata being used for purposes other than national security at the time of its introduction in 2014:

A lot of opponents of data retention have pointed out that this creates a very real risk of unauthorised access. It’s hard to keep data secure.

Yet just as concerning is authorised access. Once these databases have been created they will be one subpoena away from access in any and every private lawsuit.

facebooktwitter

, , , ,