What is my metadata and why does the government want to keep it?
Australia’s intelligence agencies want to track your digital footprints, but your browsing history is safe – at least for now.
Australia’s spy agencies tend to lurk in the shadows, but the recent debate over a national data retention scheme has brought their activities into the headlines. Like it or not, the world can be a dangerous place and it’s their job to keep us safe. Sometimes that means quietly keeping tabs on people they suspect are up to no good.
If ASIO wants to listen in on your phone calls then it needs to convince a judge to issue a warrant – it’s one of the safeguards designed to keep them from overstepping the line. The same goes for reading your email or opening your letters. Yet there’s nothing stopping spy agencies and police trawling through your metadata to see what you’ve been up to.
In a nutshell, metadata is data about your data but not the actual content. It’s the address on the front of an envelope rather than the letter inside, or the phone number you called but not a recording of the conversation. If ASIO wants to bug your phone it needs a warrant. But it doesn’t need a warrant to ask your telco for access to your call metadata – basically a list of who you called, when you called, where you both were and how long you spoke.
While metadata might not sound very useful, law enforcement and spy agencies claim that it regularly helps them catch bad guys. If your metadata looks suspicious – such as regularly calling a terrorist suspect – it can be enough to get a warrant to listen in on your calls.
There’s been a lot of confusion about the government’s proposed new data retention laws, which want to retain every Australian’s metadata for two years so law enforcement and intelligence agencies can look through it at will. The confusion is mostly because the politicians did such a terrible job of explaining exactly what they wanted to track – giving the clear impression that they don’t really understand metadata either.
The big question is whether the new data retention laws will include tracking every website we visit. Both the Prime Minister and Attorney-General gave confusing and conflicting answers before ASIO and the Australian Federal Police called a press conference to set the record straight.
The government doesn’t want to keep track of every website you visit. It just wants to keep track of the IP address assigned to your house and mobile devices by your Internet Service Provider. That way if they notice suspicious activity online, such as someone communicating with known terrorists or visiting suspicious websites, they can track that person down via their IP address. Most home IP addresses change whenever you reboot your broadband modem, so the government needs to know to whom a specific IP address belonged on any given day.
If you think of it like the postal system, the government doesn’t want to keep a list of every person you send a letter to. It just wants to keep an up-to-date list of everyone’s home address, so if they find a suspicious letter they can trace it back to the sender.
Some ISPs and phone companies already collect this data, but what they keep and how long they keep it varies widely, so the government wants to standardise it to ensure all providers keep metadata for two years.
Civil libertarians are rightly concerned about the privacy implications of retaining metadata, especially when there’s the potential for it to be misused. The search for terrorists can easily become the hunt for political activists and whistleblowers if surveillance programs aren’t kept in check. Even if you don’t care about privacy and think you have nothing to hide, data retention is a slippery slope and it’s important the we hold both politicians and spy agencies accountable, lest they slowly chip away our other rights.