[AusNOG] Google creepier than Conroy?
Bevan Slattery
Bevan.Slattery at staff.pipenetworks.com
Tue Jun 1 03:55:33 EST 2010
Hi,
Narelle wrote:
> I have read both the Telecommunications Act and the
> Telecommunications Interception Act and it is my professional
> opinion that neither of these acts is relevant to the
> activity under question. Both of these relate to 'network
> units' or 'links' provided under carriage services...
First of all I'm no lawyer :) It sounds like you are Narelle. Can you help me out here. The Telecommunications Interception Act clearly states under definitions:
___________________________________________________________
telecommunications system means:
(a) a telecommunications network that is within Australia; or
(b) a telecommunications network that is partly within Australia, but only to the extent that the network is within Australia;
and INCLUDES EQUIPMENT, A LINE OR OTHER FACILITY THAT IS CONNECTED TO SUCH A NETWORK and is within Australia
___________________________________________________________
My (non-legal) interpretation of the capitalised parts of (b) was so this would capture interception of a communication at the 'b' side of a communication past the carrier demarc point, to the NTU and possibly even beyond into structure cabling/wireless access point/cordless phone system all the way to the end communication device with which the intended recipient is using to make the receive (and make their) communication. Again, I'm no lawyer. This may not be included and the 'b' side may actually be only covered by relevant State legislation. I always (and possibly incorrectly) believed that attaching anything to a communication network (even past the demarc point) is "bad".
Then you read section 5F
___________________________________________________________
5F When a communication is passing over a telecommunications system [see Note 1]
For the purposes of this Act, a communication:
(a) is taken to start passing over a telecommunications system when it is sent or transmitted by the person sending the communication; and
(b) is taken to continue to pass over the system until it becomes accessible to the intended recipient of the communication.
___________________________________________________________
Seems to me to go way beyond line links etc. etc.. In fact I struggled to find line links mentioned in the TIA when it referred to actual interception. Even under this section they clearly state that it's not a telecommunications service or network (under definitions) but a telecommunications system. Section 5G goes on to say:
___________________________________________________________
5G The intended recipient of a communication [see Note 1]
For the purposes of this Act, the intended recipient of a communication is:
(a) if the communication is addressed to an individual (either in the individual's own capacity or in the capacity of an employee or agent of another person)-the individual; or
(b) if the communication is addressed to a person who is not an individual-the person; or
(c) if the communication is not addressed to a person-the person who has, or whose employee or agent has, control over the telecommunications service to which the communication is sent.
____________________________________________________________
You will need to make a determination that if the communication is addressed to an individual applies to IP addresses/MAC addresses etc (which I believe it would as the same applies to phone number addressing). Section 6 states:
____________________________________________________________
6 Interception of a communication
(1) For the purposes of this Act, but subject to this section, interception of a communication passing over a telecommunications system consists of listening to or recording, by any means, such a communication in its passage over that telecommunications system without the knowledge of the person making the communication.
____________________________________________________________
And that's the point I made in my last email. It's easy to say that "well it's their stupid damn fault for having a non-encrypted Wifi access point". But the person who MADE the communication has no idea as to whether your access point is secure or not. But they have the presumption that it will only be received by the intended recipient and anyone who listens or records such a communication is breaking the law. Whether this captures things past the NTU (and even a wireless access point) to the communication device will be a little more interesting though. Also, there is some confusion about at what point it's received (5H). Things get even more interesting when you consider there are many Wifi access points (unencrypted) that are operated by licensed carriers. The Qantas lounge example I gave in my last email is such an example where the access point (from my understanding) is operated by Telstra. Same can be said for many, many café Wifi hotspots.
Regardless of the outcome I think my esteemed legal counsel Dennis Denuto would think it's interception, if not eventually found to be the strictest definition of law (which we may get to find out) but at least when you consider "the vibe of the thing". You can see his legal opinion here in the first 2 minutes of the video here: http://www.youtube.com/watch?v=ITUSZ6LRHrk .
Cheers
[b]
More information about the AusNOG
mailing list