spook #estimates

netSenate Estimates committees are my favourite parliamentary obscurity, a thrice-yearly ritual of tense cross-examination and hideous boredom that runs a ragged cross-section through the state of the Australian Government in all its banal and ominous glory.

Nearly every part of these hearings can be of interest, but for a number of reasons I have always got the most out of exploring the poorly mapped intersection of communications, surveillance, censorship and national security policy.

This past fortnight has provided a valuable opportunity – perhaps the last one we’ll ever get – to assess in detail what this Government had in mind for internet content blocking, mass real-time surveillance of the Australian people, and your right to stay anonymous online.

The picture isn’t pretty. Many of this Government’s online policies are quite unpopular, and only rarely break the surface; the rest of the time you’re left guessing at shifting outlines of what’s actually going on.

Responsibilities are fragmented across different departments reporting to different ministers, and while no-one is meant to lie to you directly there is an impressive array of obfuscation, misdirection and delaying tactics that are still thrown in the path of hapless senators.

Despite this, some conclusions can now be drawn, particularly on the issue of the new and expanded internet filter.

One agency – the Australian Federal Police – is directing ISPs block the Interpol ‘worst-of’ list, as announced in 2012. They are empowered to block a vastly larger number of ‘illegal’ sites under existing law, but are choosing not to at present.

The nation’s corporate regulator ASIC on the other hand, is knocking websites out more or less as they wish. With a baroque flourish, ASIC uses a fax machine to send letters to ISPs ‘requesting’ that they block overseas scam sites used to back up cold calls pitching fraudulent investment schemes to unwitting customers; they’ve done so 10 times in 12 months, and started doing so, apparently by complete coincidence, at the same time as the AFP. If they hadn’t overblocked by a factor of a quarter of a million in March and then again accidentally knocked over 1,200 unrelated sites in April, it’s unlikely these issues would have achieved the prominence they have.

Because of the hyperbolic and self-defeating paranoia surrounding even the most mundane activities of our national security agencies, we don’t know how ASIO – or whoever it is – chooses to issue their block notices, and we’ve been cheerfully informed that it is no business of the Australian Parliament to know. Until such time of course, as one such notice falls off the back of a truck, as appears to have happened with the floor plans and wiring schematics for ASIO’s new headquarters: these things happen.

Twelve months after ASIC began bowling over fake investment websites, and only in response to increasing media coverage and smouldering fury online, the Dept of Broadband and Communications convened an informal chat between officers of a dozen or so agencies to see whether any transparency measures might be in order. They’ll report to the Communications Minister when they feel like it – no hurry – and he will make an announcement if he sees fit. No public consultation is envisaged, so it appears we’re expected to trust the agencies involved to come up with an open-ended multi-agency content blocking regime we’re all comfortable with.

This is the kernel of how this practice is probably about to get vastly more common: there are literally hundreds of agencies who are arguably empowered to block content they consider to be illegal, and when I asked the department how many agencies are legally entitled to do so, they don’t actually know.

If I had to guess I’d say the re-animation of the filter is more likely a stuff up than a conspiracy; it has the feel about it of poorly coordinated adhocery rather than a carefully orchestrated plan.

The Attorney General’s unloved data retention scheme is a rather different matter. The proposal to force ISPs to archive the ‘traffic data’ or ‘metadata’ of the whole Australian population for two years has sunk out of sight since disappearing into a committee of inquiry last year.

This metadata is the kind of material that allows telcos, security services or anyone else who accesses the data to create these extraordinarily fine grained real-time maps of our everyday lives; that’s before you even get around to cross-matching financial records, social media profiles and all the other digital footprints we leave around the place. A few dozen agencies made 300,000 requests for this data in the last financial year, none of it requiring a warrant or any accusation of criminal behaviour.

Naturally, police and security agencies want as much of it as they can get, and their barely-regulated hoovering up of masses of it is being justified – straight faced – with the argument that as people are abandoning their stodgy old landlines, we’re getting harder to surveil.

The session with the Attorney General’s department was equal parts amusing and chilling as always; the Secretary of the Department was eager to downplay the initiation of the data retention proposal as a few offhand ‘chats’ by irrelevant junior officials. Having seriously underplayed the long series of meetings stretching over several years in which an unwilling industry was told it would need to play along one way or another, said official turned out to be sitting immediately to his right. Awkward.

Filtering; check. Data retention; check. What about your right to anonymity online?

There is good news and bad news for people using the popular anonymising service TOR. The good news is, the head of the Prime Minister’s new cyber security task force has never heard of it. The bad news is, the Attorney General’s department has heard of it, and intends to try and compromise it as it renders their data retention ambitions utterly pointless.

We’re fortunate in Australia to have a small but vocal online press that does give these issues some coverage, but you won’t see them on the front pages of the daily papers any time soon. The gradual expansion of mass surveillance and the stripping of freedoms that we tend to take for granted online deserve more prominence than the occasional clash during estimates committee hearings to which the vast majority of Australians remain cheerfully oblivious.

The last 10 days has quite neatly summed up the Government’s attitude that transparency is for individuals, and privacy is reserved for the inner workings of the bureaucracy. The fact that both the old political parties have this formulation entirely backwards won’t stay a poorly concealed secret for all that much longer; this is one instance which the Government shouldn’t assume that silence is consent.