|Postcard from Australian privacy|
It's been a few weeks, but I haven't met a single person in Australia who feels safer.
Why would they? Well, ISPs are now required to store metadata generated by their subscribers. You remember metadata? That thing that Brandis was completely incapable of describing, although it's vitally important to help keep Australians safe from terrorists, people smugglers and drug importers.
It's not as though the concept of metadata is hard either - think of it as the envelope your mail comes in. For email, who sent it and when; for web browsing, what sites you visit, when you use the phone it's the number you called, when and how long you spoke. You get the idea.
There's still a lot of public confusion of course. If the Attorney General can't explain it, no wonder other people get concerned. The reality is that some of this data has previously been stored anyway. If you have a mobile phone, or use a VOIP service, the call data must be stored so that you can get billed. Who you call isn't particularly important, but were they are has a big influence on how much you get charged for a VOIP call.
ISPs still want to measure how much data gets used to make sure that their network is capable of providing the best service for their customers. So, they measure which web sites you visit and how much data you download. As someone who wrote this kind of software in the past, I know from personal experience that nobody (at the ISP) cares if you watch cat videos all day. But it's important to realise that a couple of hundred people downloaded half a terrabyte of data a month from YouTube regardless of the content.
As you'd expect it's more complex for ASIO of course. They don't generally care about YouTube cat videos either, but they're going to want to know if someone spends their time watching ISIS videos. It's also likely to be important that they can look back over phone records when they need to.
The difficulty is with what you're beginning to see. Requests to the court to allow this metadata to be used in civil cases. Thankfully, the government has said a firm "no" so far, but I have no faith that they won't change their mind one day. Allow access for one case, and very quickly your private data will be available for everyone, all the time. Anyone who doubts this should look at other instances of erosion of privacy in other countries, and see how it happens.