Issue #1567 3 October 2012
Big Brother gets bigger
The House of Representatives has just passed amendments to the Privacy Act which increase the powers of state agencies and the private sector to collect data on people and reduces their obligations to protect privacy. It allows companies to send personal data and process it overseas, even to countries with no privacy laws at all. The government claims it strengthens privacy laws. It does not. At the same time a parliamentary committee is considering proposals to amend the Telecommunications Interception and Access Act (TIAA). The most dangerous of these is the requirement for internet service providers to store the contents of all electronic communications for two years and to make it available to ASIO and other government agencies.
The dishonestly named Privacy Amendment (Enhancing Privacy Protection) Bill 2012 is now before the Senate. The bill and the proposals for further legislation lay the basis for the mass surveillance of society by government agencies and private corporations.
The onus will be on victims to prove privacy breaches that occur regarding data transmitted overseas by companies (eg for processing or call centres).
Consumer rights reduced
Businesses will not be required to inform customers or the Privacy Commissioner of many massive breaches of data security.
The bill destroys the existing right to anonymous transactions. It removes the right to ask, “Where did you get my name from?” where it is “impracticable” for the caller (bank, telco, electricity company, etc) to provide an answer.
Credit reporting industry will be given rights to collect and share a range of information about customers who have never had a default such as anyone with a credit card.
The bill, as the government claims, does give the Privacy Commissioner additional powers and increases penalties for breaches. But there is no obligation to use these powers or to investigate complaints. Up to now the Commissioner has failed to use the existing powers and penalties are not mandatory.
A succession of amendments to national security laws, including the ASIO Act during the Howard years and the terrorist laws, have seen a totally unjustified increase in the powers of government agencies and private sector to spy on ordinary citizens.
The TIAA originally applied to the Australian Federal Police and national spy agency ASIO. Today it gives extraordinary surveillance and other powers to more than 20 agencies. Much of the data collection remains unregulated, some of it is carried out by private agencies on behalf of government, and the public are unaware of what records are kept on their personal lives.
The legislation and plans for data collection by internet providers are in breach of Australia’s obligations under the International Convention on Civil and Political Rights. Under Article 17, the Australian government is obliged to pass legislation to give effect to the right of people not to be subjected to arbitrary or unlawful interference with their privacy, family, home or correspondence.
Big Brother is far more intrusive and all pervasive than in the days of credit checks, employer and real estate agent black lists and phone tapping.
Indoor and outdoor CTV surveillance, credit and debit cards, retail loyalty schemes, internet shopping, driver’s licences, passports, public transport smart cards, tollways, emails, facebook, twitter, other social networks, computers, the cloud, mobile phones, real estate agents, banks, insurance companies, Medicare, the new ehealth card, biometric data, DNA, private health insurers JobSearch, etc – each and every one a source of data to who knows whom.
Phillip Dorling writing in a series on privacy in The Age and Sydney Morning Herald (25-09-2012) noted: “Australian law enforcement and government agencies are also accessing vast troves of phone and internet data without warrant. Indeed, they did so more than 250,000 times during criminal and revenue investigations in 2010-2011. Comparative statistics suggest this is a far greater level of telecommunications data access than that taken in the US, Britain or Canada.”
Where we work, where we shop, what we buy, who we talk to, what we say, our photos, when and where we go, how we travel, our future plans, our finances, our credit history, our health records, and so much more on our personal lives is out there, being collected, being shared, being sold for profit. We have little idea who has it, how they are using it, and even if it is accurate.
The new powers being proposed regarding the two-year storage of the content of electronic information such as emails, twitter, facebook, cloud, can be compared to someone opening every letter sent by post and recording every phone call and storing their contents for two years. But the scope of this data collection is far more invasive and its contents mind-blowing, apart from the logistics and cost involved for the internet servers.
The government claims it is necessary to give ASIO and other security and policing bodies greater surveillance powers to counter terrorism and pursue criminals, in particular paedophiles. Historically, the focus of ASIO spying has been on communists, trade unionists, and other political activists who might challenge the system.
The other main area of spying in Australia, apart from military, has been for the corporate sector, much of it carried out by private agencies. This includes spying on employees and corporate espionage on rival companies.
The stored electronic data would be accessible to government and private sector agencies collecting it for the government. It would not be secure from hackers and it could be tampered with. ASIO and other agencies would have the power to go into any computer or other electronic device and add, remove or alter data. They could plant “evidence”.
Greens Senator Scott Ludlam warned against further extending the already excessive online surveillance powers of Australia’s intelligence agencies: “Does the federal government really believe all our personal data should be stored by service providers for two years so that every move we make can be surveilled or recalled for later data mining? It is premised on the unjustified paranoia that all Australians are potential criminal suspects.
“Australians are already under a startling amount of government surveillance. Nearly a quarter of a million telecommunications data warrants were granted in 2010-11 according to the annual Telecommunications (Interception and Access) Act report. This includes detailed locational data logged by every smartphone, every minute of the day…
“Data retention as envisaged by the government will entrench huge databases that can be mined for precise patterns of our movements, purchases, interests, friends, and conversations. This interception, copying, recording and disclosure of our data is a means to retroactively police the whole population. We are citizens, not suspects,” Senator Ludlam said.
The development and use/misuse of technology has accelerated at an exponential rate in recent years, leaving legislative protections far behind. The bill before the Senate and the proposals being discussed enhance the spying powers of government agencies and the corporate sector.
Many of the “safeguards” covering the corporate sector are guidelines, not statutory requirements. There is little protection for people who fail to read the pages of small print or do not understand them when signing up for retail loyalty cards, a credit card or just filling out a feedback form. They have no idea who their personal details are being sold to for marketing and other use. Nor do they even know how the retail outlet or bank will use them.
Successive amendments to telecommunications, spy and other legislation have and continue to weaken protection and accountability. This will not change. The federal government is not interested in providing those protections. It is assisting the corporate sector in its collection and use of private information.
For example, Attorney-General Nicola Roxon, in her Second Reading speech to the “Enhancing Privacy” bill, said:
“This Bill modernises credit reporting provisions and will make the credit reporting regime more flexible and less prescriptive by emphasising industry-led complaint resolution. Banks and financial institutions will be able to see more accurate and positive information about:
- the types of accounts that families have and when they were opened and closed;
- the current credit limits of each account (but obviously not the day to day balance, to protect privacy); and
- positive information about repayment history. For example, when a credit card was paid off on time, not just information about overdue payments.”
Anyone who has had a dispute with a bank knows what “industry-led complaint resolution” means!
Talk of safeguards is a fiction.
The security of this data is weak enough in Australia, let alone in other countries were privacy laws are even weaker. No data collection is 100 percent secure anywhere in the world. Hackers have broken into military, social security, medical and many other government and corporate systems.
There have been numerous, internal breaches of security such as the accidental emailing of records to the wrong person. The data collected by government or private outfits is worth millions of dollars to the corporate sector. Employers are always eager to acquire additional information on potential employees or existing workforces. The temptation to collate and sell data being held for easy profits is great!
The likes of Facebook and Twitter are giant data banks of personal lives, conversations, photos and other personal information, ripe for misuse, including identity theft. Employers and recruitment agencies are using them to investigate job applicants and employees.
The Australian Privacy Foundation in its submission to the parliamentary inquiry states: “Indiscriminate mass surveillance will never be justified – any surveillance should always be targeted. While targeted surveillance of groups may be justified in some circumstances, it should only ever be as a last resort…”
The Foundation recommends: “All powers granted to law enforcement agencies must be justified, proportionate and controlled, and the organisations and individuals must be accountable, and subject to regulatory regimes that are independent of the law enforcement and national security agencies themselves.”
It puts forward four basic principles: Justification, Proportionality, Controls, Accountability.
Unfortunately, all of these are missing in the present legislation and proposals for further legislation.
For more information visit www.privacy.org.au
and the privacy series in The Age,
Next article – Editorial – The scheming centred on Assange
Back to index page