• About
    • About me
    • My publications
  • Risk
    • Categories of risk
    • Climate risk
    • Risk communication
    • Risk Perception
    • Risk Assessment
    • Risk and games theory
    • Safety Integrity Levels (SILs)
    • Technical risk
  • Safety
    • Aerospace Safety
    • Analysis
    • Bushfire Safety
    • Modification safety
    • Psychology
      • Affordances
      • Decision making
      • Group dynamics
        • Groupthink
        • Spiral of silence
      • Heuristics & Biases
        • Confirmation bias
        • Framing effect
        • Illusion of control
        • Normalcy bias
        • Sunk cost heuristic
        • Plan continuation bias
      • Human error
      • Safety culture
    • Nuclear power safety
    • Nuclear weapons safety
    • Rail Safety
    • Safety cases
    • Technology
      • Design
      • Fault tolerance
      • System architecting
  • Security
    • Tales from the Internet of Things
    • Linguistic
    • Saltzer and Schroeder's principles
      • Posts on Saltzer and Schroeder
  • Phil.
    • Assumptions
    • Ethics
    • Philosophical definitions
    • Scientific Discovery
    • Principia
  • Useful
    • A software safety micro-course
    • Checklists
    • Human error in pictures
  • Climate
  • Course
  • Screwtape
  • TFTD
  • Subscribe via RSS

Critical Uncertainties

Making decisions about technology in an uncertain world
  • Home/
  • Security/
  • Lurching towards an antipodean panopticon

Lurching towards an antipodean panopticon

04/12/2018

So, in submissions to the parliamentary joint committee on intelligence and security (PJCIS) it’s been disclosed that government agencies, including local councils, are using loopholes in our current metadata legislation to lodge up to 35,000 requests for personal metadata a year. These requests are made without warrants and with little to no oversight.

My Australian readers will remember the Telecommunications (Interception and Access) Act that was passed three years ago to allow access our telecommunications metadata. They’d also remember how solemnly our government and ministries of state security swore that there’d be ‘robust protection’? Right, well as it turns out the earlier 1997 Telecommunications Act has a large existing loop hole that requires metadata disclosure, “if in any other case the disclosure or use is required or authorised by or under law.” All of which makes the provisions for privacy in the later act kind of moot.*

Then on top of this mess of existing legislation the Morrison government is now rushing additional security legislation through requiring the communications companies to provide access to encrypted data. From the weakening of encryption to covert insertion of spyware there’s pretty much nothing the government can’t demand a communications company provide. Weighing in on the issue are officials from the five eyes in a strongly worded communique. My guess is that’s because the legislation is seen as a stalking horse for the suite of powers that the security communities of the five nations have wanted for decades.

If all of this sounds like a mess it is, and if it also sounds like the current Government is trying to get some political mileage, they are. Of course anyone who remembers the NSA crypto wars of the eighties, which broke internet security for a generation, or how the NSA exploit Eternal Blue was turned by criminals into the Wanna Cry ransomware, would remark on how dangerous unthinking national security legislation can be, rousing endorsement by the five eyes notwithstanding.

Quis custodiet ipsos custodes indeed.

*Alternatively all the requests under the original legislation are now illegal, an outcome devoutly to be hoped for.

Share!

  • Twitter
  • Facebook
  • Email
  • LinkedIn
  • Reddit

Like this:

Like Loading...

Related

In Security Australian government, encryption, Malware, metadata, NSA, panopticon, surveillance state, telecommunications act 1997
permalink
  •  Previous
  • Next 

With a Bachelor’s in Mechanical Engineering and a Master’s in Systems Engineering, Matthew Squair is a principal consultant with Jacobs Australia. His professional practice is the assurance of safety, software and cyber-security, and he writes, teaches and consults on these subjects. He can be contacted at mattsquair@gmail.com

  • Recent
  • Popular
  • Comments
  • Tags
  • Mitigation or Suppression?22/03/2020
  • Farewell22/02/2019
  • Why I deleted my LinkedIn account17/02/2019
  • AF447… What we now know14 comments since 27/05/2011
  • What the BEA didn’t say about Air Franc...11 comments since 05/08/2011
  • Matthew Squair
    No, I’m afraid not.
  • Dave Gordon
    "last post on this website." Will you po...
  • wecarnes
    Thank you Matthew. As a retired guy who ...
Air dataMH370uncertaintyA330software safetySafetyComplexityAirBusAF 447Risk

Blog Stats

  • 252,234 hits
Follow Critical Uncertainties on WordPress.com

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 187 other followers

Member of The Internet Defense League

Blogroll

  • A Critical Systems Blog
  • Aviation Safety Network
  • Blogger's Rights
  • Bruce Schneier on security
  • Climate Skeptics
  • CrITique
  • Disaster Wise
  • DisasterCast
  • Elizer Yudkowsky
  • Emergent Chaos
  • John Adams: Risk in a Hypermobile World
  • Les Chambers blog
  • Les Hatton: Scientific and other writing
  • Light Blue Touchpaper
  • Restricted data: The nuclear secrecy blog
  • The Abnormal Distribution
  • The Oil Drum
  • The Shape of Code
  • Trinity
  • Wayne Hale's blog

Discussion Forum

  • The Hive

Mail Lists

  • System Safety TekFak List – Bielefield
  • The Safety Critical Systems List (York)

Useful Sites

  • Center for the Protection of National Infrastructure
  • Computer Related Incidents with Commercial Aircraft
  • ISSS links
  • John Kadavny
  • John Norman's JND Website
  • Less Hatton's writing
  • Nancy Leveson's Homepage
  • NASA Safety Center
  • Overthinking it
  • Safety Critical FCS
  • Safety Critical Systems Club
  • System Safety Society
  • The consensus project
  • The Less Wrong Wiki
  • The Risk Digest
  • The System Safety Sceptic
  • Understanding Uncertainty
  • Verified voting foundation
  • York HISE Page
Blog at WordPress.com.
loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.
%d bloggers like this: