[AusNOG] Google creepier than Conroy?

Mark Newton newton at internode.com.au
Tue Jun 8 18:08:15 EST 2010 

On 30/05/2010, at 8:10 AM, Bevan Slattery wrote:

> Regardless of where you sit with Sen Conroy and the current governments
> RC plan on filtering, and regardless of whether you think the two are
> linked, the fact is that it would appear some very serious breaches of
> privacy legislation and the Telecommunications Act may have occurred.
> 
> The flagrant disregard for what it is alleged to have occurred is breath
> taking.  Based upon reports (which are yet to be substantiated) there
> has been a systematic and intentional approach to intercepting
> telecommunications services and misappropriate data that was in the most
> part meant to be a private transmission between the user and their home
> DSL wireless gateway.

In the week since Bevan posted this, I've been giving it some serious
thought and a small amount of research.

Let me lead you through it and see if you come to the same conclusions
as I have.

I think it's highly unlikely that Google have broken the law in the way 
Bevan appears to be upset about.

That's not to say his upset is unjustified;  just that it's unwise to
throw around accusations of criminal behaviour if criminal behaviour hasn't
actually happened.

Boiling it down, Bevan has accused Google of an unlawful telecommunications
interception.

Interception is defined in section 6 of the Telecommunications (Interception
and Access) Act 1979, which says, in part:

>  (1)  For the purposes of this Act, but subject to this section, interception of a communication passing over a telecommunications system consists of listening to or recording, by any means, such a communication in its passage over that telecommunications system without the knowledge of the person making the communication.


Several terms used in the excerpt above are defined in Section 5 of the
Act.  It turns out that "telecommunications system" is one of them: "a telecommunications network that is within Australia ... and includes
equipment, a line or other facility that is connected to such a network
and is within Australia."  So far so good, except that that definition
happens to have some defined terms in it as well.

Specifically:  A "telecommunications network" means, "a system, or series of
systems, for carrying communications by means of guided or unguided
electromagnetic energy or both, but does not include a system, or series of 
systems, for carrying communications solely by means of radiocommunication."

So this gets to the crux of it:  Is a WiFi node "a system for carrying 
communications solely by means of radiocommunication"?  Or is it
a part of the larger "series of systems for carrying communications" 
installed in the house, only some of which relies solely on radio?

It's an important distinction, because the entire question of whether 
what Google has done counts as a telecommunications interception 
relies entirely on your interpretation of that definition.  If a 
WiFi node doesn't meet the definition of a "telecommunications
network," then listening-in to one doesn't count as an interception.

So does it?

I'm sure that's one of the things the AFP is going to be looking at
during their investigation:  If the case ever reached prosecution, 
the AFP will need to PROVE that an unsecured WiFi AP installed in a
house is a "telecommunications network," and there's probably a
likelihood that Google will mount a defence which, in part, calls 
the matter into question.  In my opinion (which is every bit as 
lawyerly as Bevan's :-) there are pretty good reasons to believe
that they'd be able to convince a judge that they haven't.

(and even if you disagree with me on that, you'd have to admit that
there's enough uncertainty there that throwing around accusations
of criminality in an open public forum is perhaps a tad reckless,
and perhaps even enough uncertainty to make the AFP decide not to 
prosecute)

Do we really want a country where everyone with a WiFi access point
or a cordless phone is treated by the law as a telecommunications
network operator?  Even if (unlike telecommunications network
operators) they've invested absolutely zero effort into protecting
their privacy?  Even if they've specifically and deliberately changed
the defaults on their equipment to disable the privacy features that
are enabled on pretty much every WiFi AP I've seen for almost as 
long as I can remember?

(personally:  I think geolocation is important enough that I actually
want to live in a world where it works properly.  Using criminal law
to discourage geolocation service operators from going anywhere near
Australia is not conducive to that aim;  Far better to create a legal
space with appropriate safeguards and let them get to work.  I don't
trust that this particular Government is even remotely capable of
doing that, though, because they're just not smart enough to see
what's going on here)

(I also want to live in a world with a Government that doesn't throw
around the threat of AFP investigations to settle political vendettas.
Conroy did it when his blacklist was pulled out of Integard, now 
McLelland is doing it to Google.  What sort of banana republic is this
anyway?)

It's entirely understandable that some people would have strong emotional
reactions to what Google did.  But I'd suggest that there are lots of 
vehicles an aggrieved person could use to air complaints about Google's 
conduct (and the conduct of the other companies who have spent YEARS
doing exactly the same thing -- why single-out Google?), and that perhaps
prosecution for breaches of the Telecommunications Interception Act isn't
an appropriate forum with which to deal with this issue.

What's happening now is how one turns our nation into a technological
backwater, hostile to innovation, never taking advantage of new 
technological developments until they've been trialed and matured
everywhere else first.  This industry should be up in arms in rage
about the way that our Government consistently and reliably treats 
every new Internet development with fear and loathing, where they're 
outright hostile to every business that comes anywhere near the Internet,
and where their enduring message to technology investors trying to
operate their businesses in Australia is, "Go and get fucked."

  - mark


--
Mark Newton                               Email:  newton at internode.com.au (W)
Network Engineer                          Email:  newton at atdot.dotat.org  (H)
Internode Pty Ltd                         Desk:   +61-8-82282999
"Network Man" - Anagram of "Mark Newton"  Mobile: +61-416-202-223

More information about the AusNOG mailing list