[AusNOG] Data Retention - are you kidding me??
Karl Kloppenborg
karl at hyperconnect.com.au
Thu Nov 17 10:39:18 EST 2016
Whilst I'm sure all that is in jest, I believe those sorts of measures
whilst not explicitly defined by the act could be seen obstruction of
justice.
Then again I'm no lawyer, personally this whole act is very convoluted and
murky.
On Thu., 17 Nov. 2016 at 5:15 am, Skeeve Stevens <
skeeve+ausnog at eintellegonetworks.com> wrote:
>
> No problems. Give them what they ask....
>
> - but given there is no specific timeframe in which to responsd.... maybe
> 72+ hours after they ask. Keep telling the officer 'it shouldn't be too
> long' every 30 minutes and tell him he is free to sleep their till the
> morning, but not to move much if you have a security system of big dog.
>
> - provide it in another language... maybe Swahili or Swedish Chef - but in
> a hexdump
>
> - print it on paper... a pallet worth and suggest that what he needs is
> 'probably in their somewhere'
>
> - they say the data must be encrypted (s187BA(a)). They don't say it needs
> to be decrypted when you give it to them
>
> Btw... here is the full Act.
> https://www.legislation.gov.au/Details/C2016C00889
>
> Fun times.
>
> ...Skeeve
>
> *Skeeve Stevens - Founder & The Architect* - eintellego Networks Pty Ltd
> Email: skeeve at eintellegonetworks.com ; Web: eintellegonetworks.com
>
> Cell +61 (0)414 753 383 ; Skype: skeeve ; LinkedIn: /in/skeeve
> <http://linkedin.com/in/skeeve> ; Expert360: Profile
> <https://expert360.com/profile/d54a9> ; Keybase: https://keybase.io/skeeve
>
> On Wed, Nov 16, 2016 at 3:13 PM, Ross Wheeler <ausnog at rossw.net> wrote:
>
>
> Had a call a short while back... I think I've got the details right, but I
> sure hope I've got something wrong....
>
>
> ISP had a senior constable come in with a request for data.
> Request had been signed by said senior constable.
>
> As I understand the (meta)data retention legislation, a request has to be
> signed by a senior officer (commissioner or thereabouts), or a minister etc.
>
> I suggested to the ISP that I thought the request was not valid but to
> check it with the CAC. Had a call back a while later that basically the
> ACMA said to honour the request, and that if there was a problem "it would
> be caught in the audit later".
>
> This scares the pants off me.... if we're being told to just give the data
> out to low-level shitkickers with no senior level oversight or control,
> there's going to be no end of vexatious queries, fishing expeditions and
> trivial requests. Who's going to get banged up if we disclose private
> information that turns out (later) to have been given incorrectly? How will
> the damage to affected person(s) be undone?
>
> A highly, HIGHLY dangerous precedent. (This was a smaller non-metro ISP in
> a fairly out-of-the-way part of the world, perhaps for the very reason that
> if it blows up in their face they can hide it more effectively than if it
> was a large, highly visible isp).
>
> R.
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20161116/f6933e6e/attachment.html>
More information about the AusNOG
mailing list