Monday, 22 December 2014

Panoptican Tony

With Friends Like This, Enemies Are Redundant

The phrase, Panoptican State refers to a real threat.  Sadly, the threat is coming not from terrorists, nor criminals in general, but from our governments.

As a result of the threat of terrorist crimes, Western governments want to transform the State into one which observes citizens at all times.  In Australia, Prime Minister Tony Abbott foolishly and recklessly wants the Parliament to approve collecting "metadata" on all Australians, storing it for up to two years.  "It will help us interdict and catch the malefactors," says Tony.  Yes, and so would stationing a member of the intelligence service at our right shoulder, observing all we do and say, twenty-four seven. But would that justify the horrendous invasion of government power into our lives.  Tony says it would. 

Fairfax media have done us all a service.  With the assistance of a Liberal Senator, David Leyonhjelm they have demonstrated just how much information on all citizens will be available to government spies.  Leyonhjelm "turned over" his metadata to the analysts and what they learned about him was significant indeed.

The federal government says its controversial mandatory metadata storage proposal – which will force telcos and internet providers to store phone and web data on all Australians for two years – is necessary to fight serious crime. Prime Minister Tony Abbott described metadata, which will be available to law enforcement without a warrant if the Data Retention Bill becomes law, as "not the content of the letter, it's what's on the envelope".

But a Fairfax Media investigation into what metadata can reveal has shown the envelope is almost transparent. If the bill passes it will represent a significant loss of privacy for all Australians, with law enforcement being able to derive far-reaching information and associations left behind by our digital footprints.
Here's how they went about it.
Liberal Democrat senator David Leyonhjelm gave permission for metadata from his business address in Sydney's inner west, an agribusiness consulting company, to be captured and analysed.  NCC Group, an information assurance firm with more than  15,000 clients worldwide, agreed to perform the analysis for Fairfax Media. It was overseen by its Asia-Pacific general manager, Wade Alcorn.

They used off-the-shelf software  to intercept all the data to and from the internet via a laptop plugged into the office's internet router.  Using free online tools they stripped out about 99 per cent of what was captured, including the content of communications, and the industry-standard definition of web history – http and https traffic, which is all the data sent between your computer and the web server, including web addresses . Communications Minister Malcolm Turnbull has said, "The act will expressly exclude a person's web browsing history."
What did they learn about David Leyonhjelm?

Alcorn's report reveals the surprising scope of what could be gleaned from the metadata generated by the office outside of its day-to-day dealings with meat and livestock organisations in Australia.  "The metadata revealed communication to an airlines booking system and to specific hotels in the Whitsunday Islands," wrote Alcorn. "This may indicate that someone in the office will be travelling in the near future and planning to visit that area of the country." . . .

"We'd sift through the data and look for interesting things," he explained. "For example, with the airline booking site, we started expanding backwards and forward in time to reveal what other information there is on what the airline bookings might be about. At that stage we found information about the Whitsundays, hotel bookings, etc … it went from airline bookings to hotel bookings and associated holiday information."

They found clues suggesting someone was buying furniture – communication to the webpage of a furniture retailer and a subsequent call of four minutes and 12 seconds to the same store. One day there was an interest in jewellery, home improvements and renovations.

Metadata can reveal someone's hobbies or interests without the need to see the content of messages. There was communication in the office with mail servers relating to the Inner West Hunters Club, a NSW approved hunting club. Leyonhjelm is a high-profile supporter of the relaxation of gun laws.  NCC analysts referenced other email metadata with public information resources to infer communication with organisations involved in hunting, consultancy, market research and the sale of contact lists for marketing purposes.  Metadata could enable future governments to monitor people with agendas other than their own. The potential for inferring links between people, leading to further investigation, is vast.

Analysis of sender and recipient email addresses identified people who were often involved in group email discussions. Despite neither subject nor content of emails being available, some inferences could be drawn.  Alcorn wrote, "The email metadata collected was suggestive that there was a common political agenda. Taking the email addresses and searching for the people in Google determined they were active in various political arenas. From this information it was possible to find common agendas."

One group email discussion possibly centred around pro-gun reform, with active lobbyists in the area taking part – something NCC analysts determined by putting specific email addresses into a search engine. Other members of the discussion weren't public supporters of changes to gun laws.  "An analyst may, rightly or wrongly, infer from this metadata that the other members of the discussion are privately supporting gun reform and for some reason don't want it publicly known," wrote Alcorn.

Traffic volume showed when staff were in the office, when they were working late or at the weekend and for how long. Metadata showed consistent spikes of several minutes' activity on Facebook at 9am, around lunch and just before 5pm. One afternoon there was no Facebook activity, which could suggest an early knock-off for the day.

Metadata also showed someone was exploring CTP insurance renewal, had used Dropbox – a way of transferring files too large to be emailed – as well as Microsoft, Apple, Nvidia, AVG and Avast technologies.
"We're not using the most sophisticated tools to analyse metadata," Alcorn said. "There are faster ways to do it and more automated and mature processes. We also didn't use tools for displaying graphical connections. With further time and more sophisticated tools, more habits and details could be extrapolated." . . .
And Leyonhjelm's reaction to the results of analysing his metadata:
Leyonhjelm called the results of the analysis "very revealing".  He had no problems with targeted retention of metadata via a warrant or court order based on suspected criminal activity. "But to collect that data on everyone – my 84-year-old mother and my wife and my next-door neighbours who wouldn't say boo to a goose – it's wrong in principle," he said. . . ."The government's basically saying we're going to spy on everybody in the country," said Leyonhjelm. "It's appalling, it's absolutely appalling."

He added, "If you're going to invade people's privacy and treat them all like criminals-in-waiting, then to what extent do you do that? Malcolm Turnbull has said it's nothing more than phone data, to and from and time and location, but it's a lot more than that. I don't see how it can be limited to that and I don't believe it will be, either."
The old slogan runs, "Give me liberty or give me death."  Now, due to the craven lust to do evil that good may come, the Australian government has unwittingly provoked a new slogan: "Give me death rather than your kind of liberty."  Or, more tellingly we suggest to Australian citizens that they face up to the Prime Minister and his conspirators and say, "Stop being such cowards." 

It is a small mercy that in order to "get the power" to store everyone's metadata and take a huge stride towards a Panoptican State, Parliament gets to debate it in public and vote upon it.  Let's hope there is a rebellion in the government's parliamentary ranks. 

No comments: