Telstra halts customer tracking

Telstra halts customer tracking

Summary: Telstra will stop tracking Next G customers' web browsing history and sending that data to the United States, following criticism from the public relating to privacy issues.


Telstra will stop tracking Next G customers' web browsing history and sending that data to the United States, following criticism from the public relating to privacy issues.

Yesterday, it was revealed that Telstra has been tracking URLs visited by customers, and sending that data to US-based filtering company Netsweeper to build a database of sites for a new cybersafety tool called Smart Controls. Smart Controls is reported to block certain sites from appearing on Telstra mobiles whose owners have signed up for the service.

Telstra said yesterday that no customer information is being sent along with the URL information; however, several users have expressed concern that information is being sent without their prior knowledge to the US, where the Patriot Act gives the government access to data hosted there.

Telstra today announced that it will stop tracking customer data in response to customer concerns.

"We are stopping all collection of website addresses for the development of this new product," Telstra said in a statement.

"The data Telstra recorded was anonymous; only the website addresses were captured. There was no information captured or kept that would link specific customers with the websites they visit."

Telstra apologised for the concerns caused by the tracking.

The Privacy Commissioner told ZDNet Australia that it is making inquiries with Telstra about the issue, but would not say whether an investigation will be launched.

Narelle Smythe, partner with law firm Clayton Utz said that Telstra's actions would only have breached Australian privacy law if people can be identified by the information contained in the URLs sent offshore.

"The Privacy Act only covers personal information, so if you effectively de-identify it, the Privacy Act wouldn't cover it," she said. "But obviously you'd need to know exactly what's going to then determine whether that threshold for whether it is personal information has been met."

Netsweeper, the company that Telstra tasked to build its web filter, has had its share of controversy in the past. Last year, the company was reportedly discovered to have provided internet filtering services to Middle Eastern governments that sought to block their citizens from accessing websites about homosexuality, sex education and human-rights advocacy, as well as a number of news sites.

Updated at 3.34pm, 27 June 2012: added comment from Smythe.

Topics: Security, Privacy, Telcos, Telstra


Armed with a degree in Computer Science and a Masters in Journalism, Josh keeps a close eye on the telecommunications industry, the National Broadband Network, and all the goings on in government IT.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • It's clear that personal information contained within URLs was being sent to the states. The legislation does not only cover OOB or back channels.
  • There's just so much wrong with Telstra doing this it's hard to summarize but, I'll try a few points:

    1. Why is a partially government owned business doing covertly collecting subscriber information?
    2. Why are they sending it to a country that is known for looking after their own self-interests at the expense of basic privacy rights for us 'foreigners'?
    3. What's the point of this cybersafety tool if it's built upon covertly stolen data supplied to foreign interests?
    4. Who asked for, or wants, this 'cybersecurity' tool?

    There's no point in having a privacy act, government oversight, or feigning interest in cybersecurity if you're going to breach all that to produce a 'cybersecurity tool'. You can't expect anyone to have faith in the government, Telstra, or the product itself.

    It's just as likely to be a cybersnooping tool for the government, or some other 3rd party.
    Scott W-ef9ad
  • I don't understand where all the surprise and confusion is coming from...

    The details of what content is to be banned, indeed the whole concept of banning websites (let alone where the data is being sent to be filtered) are only minor issues in the debate.

    The scary part about having an 'internet filter' is that to have a filter, ALL web traffic will be monitored and logged. The case for if it should be denied or permitted access only comes after the fact, and it's this fact that upsets the TOR programmers and internet freedom fighters all over the globe.

    Why wasn't this point made obvious when Conroy announced plans I wonder...?