Govt wants ISPs to record browsing history

Govt wants ISPs to record browsing history

Summary: Companies who provide customers with a connection to the internet could soon see themselves having to retain subscriber's private web browsing history for law enforcement to examine when requested, a move which has been widely criticised by industry insiders.


Companies who provide customers with a connection to the internet may soon have to retain subscriber's private web browsing history for law enforcement to examine when requested, a move which has been widely criticised by industry insiders.

surveillance camera

(Camera video de surveillance
image by Frédéric Bisson, CC2.0)

The Attorney-General's Department yesterday confirmed to ZDNet Australia that it had been in discussions with industry on implementing a data retention regime in Australia. Such a regime would require companies providing internet access to log and retain customer's private web browsing history for a certain period of time for law enforcement to access when needed, according to Australian internet service provider sources.

Currently, companies that provide customers with a connection to the internet don't retain or log subscriber's private web browsing history unless they are given an interception warrant by law enforcement, usually approved by a judge. It is only then that companies can legally begin tapping a customer's internet connection.

In March 2006, the European Union formally adopted its data retention directive (PDF), a directive which the Australian Government said it wished to use as an example if it implemented such a regime.

"The Attorney-General's Department has been looking at the European Directive on Data Retention, to consider whether such a regime is appropriate within Australia's law enforcement and security context," a statement from the Attorney-General's Department to ZDNet Australia said yesterday. "It has consulted broadly with the telecommunications industry."

The EU regime requires that the communications providers from certain EU member states retain necessary data as specified in the Directive for a period of between six and 24 months.

One internet service provider (ISP) source told ZDNet Australia that the Australian regime, if implemented, could go as far as recording each URL a customer visited and all emails.

That source said such a regime "would be scary and very expensive".

Another industry source said Australians should "be very f***ing afraid".

They said the regime being considered by the Australian Government could see data held for much longer than EU Directive time of 24 months — it would be more like five or ten years.

"They seem quite intent [on implementing the regime] and they keep throwing up the words 'terrorism' and 'paedophiles'," the source said. "We're talking browsing history and emails, way beyond what I would consider to be normal SMS, retaining full browsing history and everything."

The office of the Attorney General has since denied that the data retention regime would involve recording users' web browsing history.

Internet Industry Association (IIA) chief executive officer (CEO) Peter Coroneos also confirmed that the industry was having discussions with the Attorney-General's Department.

"There has been some preliminary discussions with the Attorney-General's Department about a proposal for a data retention regime in Australia, but I think those discussions are at a very early stage," Coroneos said. He said the IIA hadn't "seen any firm proposals yet from the government".

"It's more along the lines of [the Attorney-General's Department asking] 'What do you see the issues of being if we were to move to a position similar to the EU'," he said.

"But as I say, there wouldn't be any intention, I wouldn't think, to move to any policy position on this unless there was a full public debate about the proposal."

If the idea were to move to a more "serious proposal", Coroneos said the IIA's view would be "to engage not only with the industry but also the community in a proper discussion".

Electronic Frontier Australia (EFA) chair Colin Jacobs said the regime was "a step too far".

"At some point data retention laws can be reasonable, but highly-personal information such as browsing history is a step too far," Jacobs said. "You can't treat everybody like a criminal. That would be like tapping people's phones before they are suspected of doing any crime."

He added that browser history could reveal all sorts of personal information. "And furthermore, the way the internet works, it's a huge amount of data to be kept and it requires some snooping on the part of the ISPs into which [web] pages people are looking at."

In February, the senate passed a Bill allowing ISPs to intercept traffic as part of "network protection activities". According to an ISP source, it's likely another Bill would be required for a data retention regime to be implemented.

"It is likely that new legislation will be required to put any [data retention] obligations in place," the source said. "It seems to be early days yet, and we have an election looming, which means there will be some time required to get any new law in place."

Update at 1:00pm, 14 May 2010: Added "according to Australian internet service provider sources" to the second paragraph to clarify that Australian ISP sources claimed that this is what the Australian version of the Directive could look like. A link to a story with further comment from the Attorney General was also added.

Topics: Government, Browser, Government AU, Security, Telcos, Enterprise 2.0, Tech Industry

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • The hypocrisy of the Government is astounding. Right after they accuse Google of recording private information (which is being publicly broadcast mind you) they themselves now want to create "single greatest breach in the history of privacy."
  • Hmmm, is it too cynical to assume that any "full public debate about the proposal" will take place AFTER the election? If the coalition will come out clearly against this and the filter, they'd have my vote, but somehow I can't see that happening either :-(
  • Totally agreed with their hypocrisy on the issue.

    As if we needed another reason to rid ourselves of Conroy/Mclelland and their posse - along one comes.

    Sorry, but what the public does online is still subject to a presumption of innocence. If what they are doing is illegal, follow due process, establish the circumstances, and have independent judicial oversight determine if there's a legal reason to wiretap and record.

    Otherwise - butt out. The current Government has messed around enough in technology - and its bad enough this filter will put is in the league of communist and totalitarian regimes.
  • I'm assuming the use of a simple proxy server will avoid this government mandated privacy breach as well?

    Of course this is different from Google, who threw away encrypted data. It's likely that the government will be recording any encrypted data as well as clear text sent via your browser.

    This reeks of Steven Conroy. Scary, scary stuff.
  • Great idea!

    Even better - and more fitting in an up and coming totalitarian society such as Oz, would be if all police, senior public servants and politicians of all levels were required to wear a voice recorder 24 X 7. Each day, the recordings would be scanned by voice recognition software looking for suspicious references to bribe taking, murder, branch stacking, paedophilia & terrorism.

    Dont worry though, no honest official would have anything to fear from this. All paid for by those wearing the recorders of course!
  • That is a very grave and concerning proposal. I do not support unilateral surveillance of Australian citizens without cause and a warrant.

    I believe that Colin's analogy to surveilling all users of the telephone network is very apt. I do not think that a government would suggest that as there would be an uprising. The only difference is far more information can be captured from Internet use.

    I am horrified and I was equally horrified at the EU directive at the time.
  • gimme a break... obviously everything has been recorded since day one, now they're just looking for a legitimate reason to use what they've already collected. news stories are lessons in history nowadays. gimme a dang break already. jeez.
  • Springwick, as someone who works in an ISP-like organization, I assure you, this information is not recorded in any way, shape or form by anyone - it costs too much money to do so.

    This, if it actually become a bill, would be an unacceptable invasion of my online privacy - for shame, Labour
  • very sad proposal, i dont think they have anymore idea to gain support from voters, this way too much breaching peoples privacy. may as well we all live under one roof so that we can see what undies youre wearing?
  • If anything, this will actually make things WORSE. If this were implemented, the criminals would be using encrypted connections to proxies outside of the country as a matter of course, and the police will have no chance of ever tapping into anything useful. You'd have terabytes of recorded data on every person in the country... EXCEPT the criminals!
    Dean Harding
  • OMG... when will this pathetic excuse of a government, and especially that moronic imbecile Stephen Conroy, understand that our privacy does not belong to them. It makes their vehemence at Google a little bit more understandable if in "Conroy World" he thinks that Google was stealing our privacy from them. Internet filter, Data retention, the new customs directives... soon it will be CCTV in our homes recording everything we do for THAT is virtually exactly what this is
  • Here's a hint for senator no clue. No educated criminal sits there browsing away without some sort of encryption going on. They will encrypt their traffic with 1024bit encryption and you will have no idea what they are doing. All you will be doing is breaching the privacy of innocent people. Get a clue.
  • Next Rudd & Conroy will require Australia Post to photo copy all letters, akin to E-MAIL, and store then on micro film.

    We elected this bunch, so have endure their follies.
    Vasso Massonic
  • politicians and public servants should be forced to wear yellow armbands.
  • "We elected this bunch, so have endure their follies."

    What do you mean "we?"
  • Harold, it's a figure of speech. I did not vote them in.

    Here's an interesting addendum.............

    Tassies, don't seem to trust this lot !

    "Yet, at the moment, Tasmania has the lowest proportion of households with a broadband internet connection in Australia. Less than half of Tasmanians have access to broadband in their homes. That's compared with almost two thirds on the mainland, and almost three-quarters in the nation's capital." Courtesy:
    Vasso Massonic
  • The Australian people are basically sheep, so this will probably happen. But how about making the information of every Government employee, including all politicians, or anybody who works for a company that does business with the Government, have their internet details posted on the Internet, along with all of their emails? After all, they are the people who are watching, so they should be watched to make sure they are the kind of people we all want to be watched by.
  • You're assuming that every public servant, at every level of Government supports this proposal. I'm a public servant (state level) and I've gone on the record since Day 0 that the measures Conroy and Rudd's 'kitchen cabinet' have employed are disgusting, abhorrent, and not in tune with Australia's values, principals and needs as a society.

    The fact is that a majority of Australians (thankfully not the majority of Western Australians, myself included, who knew the devious & deceitful people they were and had the good sense to hand Labour their arse on a platter at the last federal election) voted for the current Government.

    It's important that these same Australians stand up to these elected representatives and tell them what they're doing is not what they voted for - and consequently vote them out at the next election. I'm sure they don't want their nation to be compared to the likes of China, Iran, North Korea, and other oppressive regimes who trample of the rights of good citizens to do their thing online unimpeded & with the presumption of innocence.

    Say what you want about the previous Howard Government, but at least for the most part they left the internet alone and like good capitalists and social conservatives allowed it to sort itself out.
  • Sounds like they might have finally twigged that the filter is a no-go and that this is the next best thing - retroactively punishing people for their internet "crimes".

    If this comes to pass I pledge to taking to the streets and causing maximum civil disruption.
  • With net censorship, browsing history, electricity's smart meters monitoring property (and possibly item) usage, police with numberplate recognition cameras, surveillance cameras mounted in all public places with I presume, soon to be installed facial recognition software where has privacy gone? 1984 took a while to get here but it certainly has arrived. Look forward to the barcode on the back of the head and the microchip under the skin.