[AusNOG] Telstra's Texan Teaser - Tin Foil Stetsun anyone?

Daniel McConville fourdegrees at gmail.com
Mon Jul 9 18:35:51 EST 2012


Hang on, so isn't someone leaking that e-mail breaking some kind of
internal confidentiality, or 'privacy' of internal mail?





On Mon, Jul 9, 2012 at 6:33 AM, Geoff Huston <gih903 at gmail.com> wrote:
> I would've liked to have seen him say to his staff:
>
>   - Breaking the laws of the Commonwealth of Australia is not negotiable.
>
>   - And we will report any incidents where we suspect that our employees or contractors have broken the law to the Australian Federal Police for investigation.
>
> But then again this is am obligation under law of every citizen of this country who is a witness to a criminal act. So he didn't need to say it - he needed to do it!
>
> So c'mon Telstra - this is not just a matter of a breathtaking breach of privacy by a carrier - it's also a clear breach of the Telecommunications (Interception and Access) Act. Stop wringing your corporate hands and take some action to stop this corporate criminality, and pass this entire case over to the AFP to investigate under the provisions of the Telecommunications Act.
>
> Geoff Huston
>
>
> On 06/07/2012, at 7:01 PM, Matt Perkins wrote:
>
>> Nice to see they are taking it seriously inside.
>>
>> http://sl.farmonline.com.au/news/metro/national/general/customer-privacy-is-not-negotiable-telstra-boss-admits-leaking-customer-data/2612606.aspx
>>
>>
>> On 30/06/12 11:39 AM, Geoff Huston wrote:
>>> On 28/06/2012, at 12:02 PM, Narelle wrote:
>>>
>>>> On Thu, Jun 28, 2012 at 3:03 AM, Paul Brooks
>>>> <pbrooks-ausnog at layer10.com.au> wrote:
>>>>> On 27/06/2012 1:36 PM, Mark Newton wrote:
>>>>>> But those same carriers seem to think nothing of not only disclosing
>>>>>> who everyone is communicating with, but in some cases even sending the
>>>>>> contents of the communications themselves (e.g., "GET http://foo HTTP/1.0" --
>>>>>> that's call content, not call metadata!)
>>>>> IANAL, but this may contravene the Telecommunications (Interception and access) Act
>>>>> 1979 - Sect 7 seems to apply.
>>>>>
>>>>> This communication has clearly been intercepted while passing over a
>>>>> telecommunications system, between handset device and webserver device. It has also
>>>>> been recorded, stored, and sent to another person.
>>>>>
>>>>> A real lawyer aught to have a look at that.
>>>> IANAL either, but I did go briefly through the Telecommunications Act
>>>> and the Interception Act yesterday to no avail.
>>>
>>> IANAL but...
>>>
>>> Interception of telecommunications in the Commonwealth of Australia is
>>> governed by the Telecommunications (Interception and Access) Act 1979,
>>> as amended in June 2006.
>>>
>>> To quote the Explanatory Memorandum of the 2006 Act:
>>>
>>>     "In relation to both telecommunications interception and access to
>>>     stored communications, the Act makes clear that the general position
>>>     is that these activities are prohibited, except in certain clearly
>>>     defined situations. This reflects the primary focus of the Act which
>>>     is to protect the privacy of communications."
>>>     The terms "communication" and "telecommunications system" are defined in
>>> the Act as follows:
>>>
>>>     communication includes conversation and a message, and any part of a
>>>     conversation or message, whether:
>>>     (a) in the form of:
>>>         (i) speech, music or other sounds;
>>>         (ii) data;
>>>         (iii) text;
>>>         (iv) visual images, whether or not animated; or
>>>         (v) signals; or
>>>     (b) in any other form or in any combination of forms.
>>>
>>>     telecommunications system means:
>>>     (a) a telecommunications network that is within Australia; or
>>>     (b) a telecommunications network that is partly within Australia,
>>>         but only to the extent that the network is within Australia; and
>>>         includes equipment, a line or other facility that is connected
>>>         to such a network and is within Australia.
>>>
>>> Section 7 of this Act states:
>>>     (1) A person shall not:
>>>        (a) intercept;
>>>        (b) authorize, suffer or permit another person to intercept; or
>>>        (c) do any act or thing that will enable him or her or another
>>>            person to intercept;
>>>        a communication passing over a telecommunications system.
>>>
>>> A person who contravenes this section is guilty of an offence punishable
>>> on conviction by imprisonment for a period not exceeding 2 years.
>>> Limited exceptions to this prohibition are specified in other
>>> subsections of s7. These include interception under an interception
>>> warrant.  Interception warrants may be issued for two purposes: national
>>> security and law enforcement. To the best of my knowledge neither case
>>> applies to the web stalking interception activites.
>>>
>>> Section 7 of the Act sets out a small number of exceptions to the
>>> general prohibition on interception. One exception relates to carriers
>>> and carrier employees:
>>>        Exceptions applicable to carriers and carrier employees in relation
>>>     to duties involving the installation of lines and equipment or the
>>>     operation or maintenance of a telecommunications system.
>>>
>>> So in this case the exceptions do not appear to apply - so it would seem
>>> that there is case to be made that Telstra's actions constituted a breach
>>> of the terms of Section 7 of the Telecommunications (Interception and Access)
>>> Act.
>>>
>>> But will we see this taken further and see the carrier and the
>>> individuals involved prosecuted under the provisions of this Act?
>>>
>>> Geoff
>>>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog



More information about the AusNOG mailing list