The countdown for ‘intrusive data surveillance’ has expired after the 18-month deadline. From this day forward, every ISP and Telco in Australia will be bound to perform meta-data retention of every single customer in Australia for at least two years.
In October 2015, the Australian parliament passed the metadata retention bill. It gave all the industry’s ISPs and Telcos 18 months to formulate a strategy to implement and abide by the orders. The orders were a so-called ‘precaution’ for national security to fight terrorism, which, in the views of privacy advocates, is just a shame.
Last year, we covered a progressive story on Australian data retention. Going to such lengths is to keep tabs on every person in Australia through law-enforcing entities without any warrants. The Federal departments, which are not authorized to access the metadata, circumvent the data retention bill restrictions by asking the Australian Federal Police (AFP) to do their work.
That means over 2,500 appointed offices of 21 law enforcement agencies and unauthorized federal departments can access your private information round the clock for drug crimes instead of the security operation, as Dr. Robb Nicholls of the University of NSW claimed.
What does your MetaData look like?
Since Telco and ISPs both are obliged for data retention in Australia, your information can include:
- Your name and address.
- All the details of mobiles and apps, including your SIM mobile number.
- Date and timestamps of any communication through Email, VoIP, Social Media, Messaging apps, Websites, and Mobile.
- Recipient of your communication.
- All the details of the email except the body content.
- Location of your Internet-connected devices (incl. Cell Towers and Wi-Fi hotspots) and more…
Such sensitive data held out of sight like in proprietary silos, we lose out on the benefits we could realize if we had direct control over this data and chose with whom to share it, said Sir Tim Berners-Lee.
How to protect your privacy
Here’s how you can protect your privacy against Australian Data Retention Law.
Virtual Private Networks
April 13, 2017, marked by Digital Rights Watch as #GetaVPN day, provides an immediate solution to prevent ISPs from monitoring your information. Paid VPN subscriptions offer the necessary privacy protection for your data.
VPN—Virtual Private Networks—encrypts your communication data with 256-bit AES encryption, which is unbreakable yet. A brute-force attack would take 1 billion years to break it. It also changes your IP address to a fake one, so it becomes futile for anyone to track your communication back to you.
However, you should take care while opting for the best VPN subscription for Australia and choose a VPN provider with its DNS servers. You can opt for industry-leading VPN providers such as NordVPN, ExpressVPN, and ExtremeVPN, which are vastly trusted by people globally, mainly because:
- Based outside the jurisdiction of Five Eyes countries (i.e. Australia, Canada, United States, United Kingdom, and New Zealand).
- Strict No (Traffic/Metadata) Log policy (which means that all the output data is instantly sent to /dev/null sunk directory – pointed out by NordVPN).
- Encrypt your communication and entire web traffic with 256-bit AES encryption and OpenVPN security Protocol.
- Owns private DNS (which means all of your data is routed through private DNS and not through your ISP’s DNS).
- Exclusive security features like TOR-over-VPN (NordVPN) and Split Tunnel (ExtremeVPN).
TOR Network
TOR is a volunteer-based service that runs on a secure network. Australian users can use the TOR browser to connect to the network, making Internet data retention useless. However, since data passes through volunteer gateways (nodes), Internet surfing is slow, and privacy protection is only limited to the browser. At the same time, the rest of your network traffic remains exposed for the ISPs to monitor.
If you want TOR protection but do not want to change your browser, you can opt for NordVPN, which provides TOR-over-VPN functionality.
Mobile SMS and calls
Metadata collection is an old and silent practice of governments worldwide, and unfortunately, you cannot escape it. However, you can shift your calling and texting habits to more private end-to-end encrypted messaging apps such as Signal, Telegram, Wickr, and WhatsApp.
If you use the Internet via your mobile carrier, it is recommended that you use a VPN to encrypt your entire mobile Internet traffic. Also, apps that you use send mobile-related information to their developers, so always download apps from a trusted source and developers and read their privacy policies before downloading.
Email protection
The Australia Data Retention list includes email tracking, so protecting your emails from your ISP has become crucial. I recommend you move to a more secure email provider such as Protonmail or Tutanota. However, since we are integrated into Gmail, it might be hard to let go.
To add encryption to Gmail, you can install a free Google Chrome extension named Mailvelope, which encrypts your email with OpenPGP encryption. And while you are at it, you can install HTTPs everywhere on your browser to force websites for encrypted certificates.
Social media tracking protection
While Australian data Retention laws target your metadata, Social Media platforms also seek your information for analytics purposes and to show you targeted ads.
You can install extensions like Disconnect or Privacy Badger to prevent social media tracking, which sends ‘do not track me’ requests and blocks all the tracking URLs.
Share this article
About the Author
Rebecca James is an IT consultant with forward thinking approach toward developing IT infrastructures of SMEs. She writes to engage with individuals and raise awareness of digital security, privacy, and better IT infrastructure.
More from Rebecca JamesRelated Posts
Data Retention Law in United States
Mandatory Data Retention Law in the United States is not implemented. However, according to the law ...
European Union MetaData Rentention Law
In 2006, the European Union passed the Data Retention Directive (DRD), which is considered an extrus...
Review of the Mandatory Data Retention Law
KEY TAKEAWAYS Mandatory Data Retention Law is against every user’s privacy, as it allows ISPs ...
How to Protect From MetaData Retention? Qucik and Easy Tips
Many countries worldwide, such as the United States, Australia, and European Union, have Mandatory D...
Metadata Retention Law in Germany
In 2010, one of the German courts declared the German mandatory data retention law unconstitutional ...
Surveillance practices in Canada, Facing Criticism
With the revelation that the Canadian Revenue Agency(CRA) regularly supervises social networking sit...
