[AusNOG] Telstra's Texan Teaser - Tin Foil Stetsun anyone?

Rod Veith rod at rb.net.au
Wed Jun 27 18:44:59 EST 2012 

Thank you guys for those with the technical knowledge, ability and time to
expose Telstra's behaviour.

FYI. I have a Telstra mobile service that I use for occasional browsing and
I have followed Mark Newton's lead and registered a complaint with Telstra
through their web site. 

Must say that I'm very impressed to see the level of outrage/concern this
has raised in the NOG list. There were a couple of extra names that I
thought may/I wanted to post here and do wonder if that reflects a desire to
keep a heads down profile  (.. said as he reaches for the hat again ...).

I have read online the Telstra privacy policy and noted the following:

NB: I inserted ***

-------------------------Telstra Privacy Policy Excerpt
---------------------------
.
.
How we use your personal information

Your personal information may be used to:
.
.
conduct appropriate checks for credit-worthiness and for fraud;
*** research and develop our services;  ***"
.
.
.
You can access your personal information

You have a right to access your personal information, subject to some
exceptions allowed by law. If you would like to do so, please let us know.
You may be required to put your request in writing for security reasons. 

*** We reserve the right to charge a fee for searching for and providing
access to your information. ***
.
.
--------------------End Excerpt --------------------

I understand laws of the land always have precedence over contracts/company
policies however for the legal types in NOG land, can we, as individuals:

1. Object to parts of the Telstra privacy statement and still use their
services? In the days of paper documents I'd always cross out an
organisation's ability to use my personal information for research and
product use or to share anything with 3rd parties, but these days with
contracts done by phone or online it is not possible to do this. :(   Bank
documents are a particular favourite of mine and I'd always cross out the
bits I didn't agree with. Never had a loan request knocked back :)

2. be forced to pay for the searches we want conducted to retrieve how and
what personal information is being collected and how it is being used?

Rod

-----Original Message-----
From: ausnog-bounces at lists.ausnog.net
[mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Aqius
Sent: Wednesday, 27 June 2012 3:35 PM
To: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] Telstra's Texan Teaser - Tin Foil Stetsun anyone?

I think Telstras behaviour is absolutely disgraceful and one in a long list
of shameful activities by large corporates. There needs to be something more
significant other than a few mostly mediocre articles that downplay the
situation.

Well this has finally gotten of my a$$ to at least start doing something
other than huffing & puffing... I've registered breachoftrust.org &
breachofprivacy.org (nothing to see yet, just registered). I'd like to start
putting this story and other similar ones on the site and actually see them
followed through to court cases or wherever they go (god knows how I'll
manage to keep it up, but it's a worthy hobby); along with information on
users rights, who to contact if they suspect abuse etc.

If the boat has already been made, point me there, otherwise I know there
are some resources and sites already out there, but as much as I'm
passionate about the topic, I'm far more underinformed then I'd like to be.
Anyone have any suggestions, links etc or know an awesome Wordpress (etc)
theme suitable for the job, please let me know. 

Like all of us, I'm also pressed for time - if anyone is interested in the
same and want to work at it together or take lead I'd be delighted. 

R's,
Jason 


-----Original Message-----
From: ausnog-bounces at lists.ausnog.net
[mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Mark Newton
Sent: Wednesday, 27 June 2012 2:25 PM
To: Matt Perkins
Cc: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] Telstra's Texan Teaser - Tin Foil Stetsun anyone?

On Wed, Jun 27, 2012 at 02:09:19PM +1000, Matt Perkins wrote:

 > The some what scarey part is that had Telstra batched this info off on a
> weekly basis and it not been done in real time chances are we would  >
still be oblivious.

Yes. It was only Netsweeper's predictable behaviour which made everyone twig
to what was going on.

Betcha that behaviour is about to change.

That's why attitudes and corporate culture with respect to trust are
so important.  We all know that what's going on is _possible_.   Whether
or not it _happens_ depends on the ethos of the decisionmakers.

.. which, we've observed, seem to have a cultural opposition to
transparency, and seem prepared to run full steam ahead with things they
know will erode trust.

 > Im guessing within the T&C's that im sure we all agreed to but didn't  >
read they are likely to have permission to do whatever they want with  > the
data.

Pretty sure they know that's not true, and that's why they rushed out
section 27 yesterday afternoon.

However:  Their T&Cs only govern their relationship with their customers,
not with third parties.

If Jane Doe puts some private content online, and discloses the URL to me, a
NextG customer, and I access it, and the content is subsequently downloaded
by Netsweeper, then *Jane* has had *her* privacy invaded by Netsweeper, even
though she has no contractual relationship with Telstra at all. 

I'd love to see how they can weasel their way out of that one.

 > There are some laws however that deal directly with carriers  > and there
are certain privacy laws that apply to carrier's only. Without  > making at
$5000  call to someone in the legal field im not sure I can  > confirm that.

Records accumulated by the network can only be disclosed to internal parties
who have a need to know, and to external parties on the basis of a warrant.

Again: I'd love to see how they can weasel their way out of that one.
In my opinion, browser history pulled from a DPI box or a transparent proxy
is clearly a "record" within the meaning of the Telecommuniations Act.

 > One thing I would think would be correct is that if US Music/Film studio
> a) sends a subpoena to Telstra's outsourced data miner company b in 
> the  >
US to hand over all there data so they can trawl it for url's of torrent  >
sites. Im guessing they would be compelled to hand over the data without  >
question.

If I download a movie over HTTP on a NextG service, and that inspires
Netsweeper to download it too, has Netsweeper infringed copyright? :-)

  - mark
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog


_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

More information about the AusNOG mailing list