I hope Ben Grubb really celebrated his great win before this news hit. Hannah Francis reports:
Telstra will appeal a ruling by the privacy commissioner forcing it to hand over the metadata of a Fairfax Media journalist, a decision the peak telecommunications industry group says will pave the way for law-enforcement agencies to gain yet more access to customer data.
The verdict from commissioner Timothy Pilgrim, published on Monday, ruled that Telstra had breached the Privacy Act by failing to provide Fairfax’s technology editor Ben Grubb with access to his personal information.
The decision followed a 22-month stand-off between Mr Grubb and Telstra, which had refused to disclose the metadata it collected on him as a Telstra customer, despite routinely handing such information over to government agencies when complying with data requests.
So let’s see…. civil libertarians and activists in Australia had made a very big point of the risk of data retention in terms of privacy, data security, and surveillance. The record of Australian ISPs in terms of privacy and data security breaches is exactly what you might expect (search DataBreaches.net for examples). Despite advocacy groups’ concerns and activism (and hacktivism), the government passed a law requiring more (longer) data retention by ISPs.
The federal government failed to clearly define the term “metadata” in its recently passed mandatory data retention legislation, which requires telcos to retain customers’ metadata for up to two years for the purpose of aiding intelligence operations.
Telstra chief risk officer Kate Hughes said the decision in Mr Grubb’s case could extend the definition of personal data to “every single piece of data in our networks, regardless of whether the data reveals the identity or anything else about someone”.
Which is just another reason why that law should never have been passed.
So if a person wants to get their own records, the ISP fights them, claiming that they are opening the door to government requests by asking them to provide information that isn’t “easy to extract?” But the government could still insist on getting the data, right?
Read more on Sydney Morning Herald.
Like Bell Canada, I don’t think Telstra appreciates a regulatory body telling them that any meta-data is “personal information”.
Quote:
But the Communications Alliance, which represents Telstra and other Australian telecommunications retailers, slammed the decision, saying the classification of Mr Grubb’s metadata as “personal” information was “regulatory overreach”.. end quote
In Bell’s case, they make the claim that personal information must be personally identifying.
In both cases, the meta data of location of work, play, routes of travel, and where you live appears to confuse both Bell and Testra that this could be personally identifying. Or in the case of Telstra, “personal” information.