The Metadata’s Alright


By Annice Savill


To my fellow university students,


I know we are young and complaining is kind of our thing, but it’s time to rein it in. I get it, you’ve heard about these new metadata retention laws, and you’re terrified. Not just terrified, you’re livid. You’ve read a thinkpiece or two and you’re ready to revolt, or at least tweet angrily. I’m here to set the record straight.


This is a “perfectly legitimate” and “well thought-out” law.


Gentle reader, rest those tireless fingertips for one moment and I’ll answer your completely illogical concerns.


“I don’t even understand what this new law is!”


As of April this year, Internet Service Providers (ISP) are required to keep records of your telecommunications data, or metadata, for a period of two years. During this time, a variety of government organisations have warrantless access to it. Remember, it isn’t mass surveillance, it’s metadata retention! Very different, don’t you think?


“Oh my goodness! Not my Internet history!


If this was your first reaction, then fear not! Metadata is just data about data, not all your weird messages and dodgy Google search history. If you were to send a tweet for example, the content of the tweet isn’t stored. In the words of Steve Dalby, Chief Regulatory Officer of iiNet, it only includes “Who wrote the tweet, their biography, their location, when it was written, how many other tweets have been written on that user’s account, where the author was when the tweet was posted, what time it was, whom it was sent to … [and] where the author is normally based.” That’s isn’t so bad, right?


It isn’t access to your messages, just access to an unprecedented quantity of metadata, which can be analysed using sophisticated data-mining programs that have the potential to reveal your relationships, political affiliations, sexual orientation, and your mental and physical health. See? Nothing to get all hotheaded over.


“This won’t even be effective at stopping criminals!”


Come on now, it has been indisputably proven that metadata retention is an effective and essential tool. “Wait a minute, that can’t be true! You simply download Tor or get a VPN. I’m an average Internet-using uni student and I know that; surely child pornographers and terrorists can figure it out,” you might say. That’s where you’re wrong again!


Take Germany for example. (Ignore  the inconvenient fact that its law was repealed and replaced for being unconstitutional.) When Germany retained metadata for six month periods, criminal convictions increased by a whopping 0.006%! It doesn’t really matter that the American Privacy and Civil Liberties Oversight Board found there wasn’t a single instance in which the NSA’s metadata retention uncovered a terrorist plot. It doesn’t matter because, in only seven years, they can say it “arguably contributed” to the identification of one (yes that’s right, one!) unknown terrorism suspect! What more concrete evidence could you ask for?


“This has got to be outrageously expensive!”


The best part is cost efficiency! A 2015 report estimated that our new metadata laws would cost somewhere between $188.8 and $319.1 million. Ever so kindly, Joe Hockey graciously announced the government would commit $131 million to assist ISPs. That only leaves a small $57-$188 million gap to be covered by the Australian people. Well worth it, if you ask me.


“How do I know my data will be safe?!”


The government is one step ahead of you, again! There are strict regulations requiring your information to be safely encrypted. Of course, the government can’t tell you exactly where, or how, all this personal information is being stored, since they don’t exactly know either. ISPs don’t have to tell them. But wherever it is, it’s probably very safe. It might be in Australia, or maybe in China, or mayve somewhere else entirely. Rest assured that your data is probably just wherever it’s cheapest to store it. Sounds good to me.  


Who’s seeing all this information then?”


In terms of who can access your information, it’s any organisation deemed to be an “enforcement agency.” Currently, there are 61 agencies listed. Best of all, any agency can apply to be added to this list (with approval at the Attorney General’s discretion). So yes, the list could continuously grow, but we have the government’s word that access is completely essential for every single agency. Your personal information is totally vital for national security!


To wrap this up, it’s time to take a deep a breath and quit freaking out about nothing. This is clearly a “well thought-out”, entirely “evidence-based” law, which totally justifies the serious privacy dangers and millions of dollars it is costing. At the end of the day, terrorists are just not smart enough to download VPNs and there is no way they could bypass this incredibly high-tech system. It’s totally obvious this won’t just be an expensive, ineffective law that accomplishes nothing more than breaching the fundamental rights of everyday Australian citizens.


Yours sincerely,


A fellow (VPN-using) student