MsLods’ news round-up: law + technology


Industry warns site blocking could have unintended consequences: Highlight need to avoid ASIC blunder. | IT News |  

 Senate Inquiry – Copyright Amendment (Online Infringement) Bill 2015. Submissions due 16 April.

Lawsuit over the price of ‘Happy Birthday’ inches forward. | Billboard |

Ireland: UPC ordered to install ‘three strikes’ anti-piracy system. | Independent IE |

How Netflix is trying to make Australians drop their VPNs. | ZDNet |  

EU announces plans to banish geo-blocking, modernize copyright law.  | Ars Technica |

Defamation, freedom of expression & media law

How the Adrian Baylely suppression order forced the reprinting of our new media law book. | JournLaw |

The Age abandons potential defence to Helen Liu defamation action to protect confidential sources. | SMH |

UK HM Revenue & Customs whistleblower illegally investigated using counter-terrorism powers. | The Guardian |

In Turkey, anchorwoman faces a decade in jail for tweet. | Sunday’s Zaman |

Data retention: ‘journalist information warrants’ are warrants in name only. | The Guardian |

Journalist Peter Greste delivers blunt message to politicians on detention centre secrecy. | SMH |

Privacy & information security

PSO breached “data security” for a laugh, documents reveal. | The Courier |

FBI used to recommend encryption. Now they want to ban it. | The Guardian |

New data world order: government can read every Australian like an open book. | The Guardian |

2500 metadata ‘cops’ to search phone and internet records. | SMH |

Human Rights Council creates mandate of Special Rapporteur on the right to privacy.  | OHCRC |

Stolen Uber customer accounts are for sale on the dark web for $1. | Motherboard |

Privacy Commissioner accepts enforceable undertaking to enhance information security at Optus. | OAIC |

“For privacy is not only a personal right, but a collective good—a cornerstone of democracy”, writes David Cole. | The Nation |

Welcome to the Manila Intermediary Liability Principles! | CIS |

“The number of WhatsApp messages sent every day now exceeds the number of standard texts.” What’s Up? | The Economist |

Cisco posts kit to empty houses to dodge NSA chop shops. | The Register |

Social media

On social media & professional identity: “This is not just a post about Instagram”. | Thesis Whisperer | 

Vietnam: Communist Party leaders struggle over social media.  | Global Voices |

“Twitter puts trillions of tweets up for sale to data miners”… even police involved in crowd control. | The Guardian |

29 March 2015

MsLods’ news round-up: law + technology

MsLods’ news round-up: law + technology


Can you copyright a feeling? The Blurred Lines case shows there’s something wrong with copyright. | The Conversation |  

US $7.4m Blurred Lines verdict beats high mark of $5.4m that Michael Bolton paid for infringing Isley Brothers’ song. | The Hollywood Reporter |  

More copyright trolls rushing in to take advantage of Canadian notice system loopholes. | Techdirt |

UK: Sky will hand over customer data in movie piracy case. | Torrentfreak |

RIAA + MPAA are pressuring ICANN to force registrars to suspend domains over “copyright abuse complaints”. | Washington Post |

US: Piracy lawsuits dominated by just three movie companies. | Torrentfreak | 

Defamation, freedom of expression & media law

Malcolm Turnbull puts plan for media ownership reform on PM’s desk. | The Guardian |

Treasurer for wail. | The Saturday Paper |

 defamation case: Federal Court won forum shopping case, but why, and how? | The Social Litigator |

Travels with my censor. | The New Yorker |

Australia’s first Instagram defamation case? Bikini Girl v Banana Girl. | The Daily Mail | 

Parliamentary inquiry into access to journalists’ communications data Submissions due 2 April. Report 4 June.

Whistleblowers who revealed child abuse on Nauru being investigated by AFP. | The Guardian | 

Privacy & information security

EU Commission says it will not propose a new data retention law. | Reuters |

Post-Snowden Parliamentary inquiry calls for tighter safeguards on spooks’ access to “metadata”. | The Register |

Half a million communications data access requests authorised in UK last year. | The Guardian |

Dutch court suspends mandatory data retention laws. | ZDNet |

Victory in Paraguay as harmful data retention bill rejected. | Access |  

Bulgaria’s Constitutional Court scraps data retention provisions. | Sofia Globe |

“Dragnet surveillance programs make ensuring attorney-client privilege difficult if not impossible”. | NACDL |  

Australian lawmakers can’t use phones, will vote on data retention. | ZDNet | 

What ‘safeguards’ are in Australia’s data retention laws? | The Conversation |

Data retention laws will hurt big business whistle blowers. | SMH |

Updated overview of the EU & data retention laws. | MsLods |

Data retention is also a data creation scheme in Australia. | MsLods |

Secret Snowden documents show Canadian agency suffers from “information overload” because it collects “too much data”. | The Intercept |  

Your mother’s maiden name has been a ‘security question’ since 1882. | Fusion |

We are citizens, not mere physical masses of data for harvesting. | The Guardian |

NSA call records program didn’t stop a single terrorist attack. | Common Dreams |

U.K. Parliament says banning Tor is unacceptable and impossible. | Daily Dot |

Drone owners register called for by House of Lords. | BBC |

North Korean rebels hope to topple Kim Jong-un by smuggling in USB drives packed with foreign TV shows and movies. | Wired |

Life as mobile telco in Afghanistan. | ZDNet | 

Social media

‘s presentation on Social Media in Academic Practice:

Facebook has closed a Hobart child sex offender’s account after a boast about attack. | The Mercury |  

Senate passes law to fine web giants over online bullying. | IT News |

In case where Twitter stood up for users’ privacy, judge reverses ground and quashes subpoena. | Public Citizen|  

NSW Premier Mike Baird tried to make a viral video, ended up infringing copyright instead. | Junkee | 


15 March 2015

MsLods’ news round-up: law + technology

MsLods’ news round-up: law + technology


iiNet, DBC 3-week wait on piracy ruling. | IT News |

Brandis snubbed consumer groups, ISPs in piracy debate. | ZDNet |

Losing cultural treasures under the TPP. | Public Address |

Draft Copyright Notice Industry Scheme Code. | Communications Alliance |

Defamation, freedom of expression & media law

Brandis still aiming to abolish Office of Australian Information Commissioner (responsible for FOI). | Open and Shut |  

A Whistleblower’s Horror Story. | Rolling Stone |

Swiss journalists who used covert filming win press freedom judgment. | The Guardian |

China will start censoring online usernames this Sunday. | Techinasia |

Bugging revelations stun journalists as inquiry unfolds. | SMH |

The Google effect: ICAC suppresses identity of witness. | SMH |

UK government to rush through guidelines to stop police snooping of journalists. | Guardian |

Privacy & information security

Canada’s spy agency collects & stores millions of Canadian’s emails to the government. | CBC |

UK admits unlawfully monitoring legally privileged communications. | The Guardian |

Dutch court urged to strike down national data retention law. | Jurist |

Snowden factor: report laments exposure of mass surveillance schemes. | Computerworld |

Data retention costs: government is treating us like mugs. | SMH |

Retain our privacy, not our data. | ABC Drum |

Telcos question data retention plans that exclude Skype, Facebook and Gmail. | The Guardian |

Stop monkeying around with our metadata laws, Prime Minister. | ZDNet |

A list of current legal challenges to UK’s surveillance regime. | Bureau of Investigative Journalism |

You had one job, Lenovo. | Slate |

Australia’s war on terror hampered by incompatible IT systems. | ZDNet |

Big data ethics is a board-level issue. | ZDNet |

Who do we blame when a robot threatens to kill people? | Fusion |

Why we need a right to privacy for brain data. | Gizmodo |

Watch ‘Noah’, the short film that inspired Modern Family’s i-phone filmed episode. | Fusion |

Social media

Michelle Obama, Reese Witherspoon & other celebs are revealing their locations when they post photos on Instagram. | Fusion |

What happens to your Facebook account when you die? | Crikey |

In privacy update,  Reddit tightens restrictions on nude photos. | New York Times |

Stop the tweets: Australia commits $18M to monitor social media. | ZDNet |

The Snapchat and the platypus. | Medium |

Meet the tweet-deleters. | Fusion |

26 February 2015

MsLods’ news round-up: law + technology

MsLods’ news round-up: law + technology


A guide to the Trans Pacific Partnership. | PC Mag Australia |  

YouTube flags cat purring as copyright infringing music. | TorrentFreak |  

Bid to shut Sunshine Coast’s former Ettamogah Pub for alleged copyright breaches. | Brisbane Times |

EFF responds to USTR bullying the world to repeat our copyright mistakes. | EFF |

The Internet created Left Shark, not Katy Perry. | The Verge |

Defamation, freedom of expression & media law

Gina Rinehart makes court bid for copy of Channel Nine’s House of Hancock. |Brisbane Times |

David Carr, media equation columnist for The Times, is dead at 58. | New York Times | 

Australian anti-terror laws summarised for media law students. | JournLaw  |

Anti-halal campaigner sued for defamation  over claims Islamic certification supports terrorism. | The Guardian |

Greste release is welcome, as would be a free media in Australia: Mark Pearson. | JournLaw |  

Privacy & information security

Data retention hinges on Labor’s support, writes Josh Taylor. | ZDNet |  

There is no “meta”. | Future Wise |

Watch: Video of the panel with Ed Snowden, Laura Poitras & Glenn Greenwald moderated by David Carr (RIP)  

Laura Poitras on Citizenfour, Ed Snowden and whistleblowers.  | The Guardian |

Anyone who makes you choose between privacy and security wants you to have neither: Cory Doctorow. | Boing Boing |  

In historic ruling, U.K. surveillance secrecy declared unlawful. | The Intercept |  

Australian police bugged journalists, each other, & allegedly even their own commissioner. | Vice News | 

How do we pay for privacy? | Cryptography Engineering |

Australian police seize 3D-printed gun parts and knuckle dusters in raid. | CNET Australia | 

We dream about drones, said 13-year-old Yemeni before his death in a CIA strike. | The Guardian |  

Police could stream drone data direct to AFP network. | Computerworld |

Australia government ploughs ahead with eSafety commissioner plans. | ZDNet |

France can now block suspected terrorism websites without a court order. | The Verge |  

Where the internet lives: the artist who snooped on Google’s data farm. | The Guardian |  

Kashmir Hill turned CAPS ON for a week and everyone hated it. | The Fusion |

Social media

Twitter’s latest transparency report: Continuing our fight for more transparency. | Twitter |

Millions of Facebook users have no idea they are using the Internet. | Quartz |

Prisons are punishing inmates who use Facebook with decades in solitary confinement. | The Fusion |

5 facts about online video for YouTube’s 10th birthday. | Pew Research |

Facebook now offers a profile will for when you die. | Gigaom |

Jon Ronson on Twitter shamings:  How one stupid tweet blew up Justine Sacco’s life.| New York Times Magazine |


13 February 2015

MsLods’ news round-up: law + technology

MsLods’ news round-up: law + technology


Negotiators burn their last opportunity to salvage the TPP by caving on copyright term extension. | EFF |

After Sony hacking, MPAA considers major changes. | New York Times |

Anti-piracy advocate Roadshow beefs up political donations. | ZDNet |

Major labels keep 73% of Spotify premium payouts. | Music Business Worldwide |

‘FAIR: Freedom of Access to Information & Resources’ library advocacy campaign launches. Check out & follow

Katy Perry’s lawyers demanding take-down of a 3D-printable left shark. | Gigaom |

Defamation, freedom of expression & media law

Whistleblower John Kiriakou, only person jailed over CIA torture program, is out of prison. | Boing Boing |

Tasmania drops plans to let corporations sue protestors for defamation. | The Guardian |

Outgoing Australian Press Council chair Julian Disney levels criticism at media practices. | ABC |  

UK: ‘Vexatious’, ‘annoying’ and disruptive, Press Gazette barred by MET from asking more RIPA questions.  | Press Gazette |

Privacy & information security

In historic ruling, U.K. surveillance secrecy declared unlawful. | The Intercept |  

Government wants metadata laws by March. | The Age |

Examples of how data retention will impact on everyday Australians. | Crikey |

Data retention: too many unknowns, too many unanswered questions. | The Guardian |.  (by me)

Gmail, Facebook, Skype excluded from Australian data retention regime. | ZDNet |

Sharing images and not caring. | NZ Privacy Commissioner |  

White House to mandate deletion of irrelevant private data collected by surveillance agencies. | The Verge |  

Stop equating women in tech with engineers. | Medium |

US: The federal government could be taking pictures of you in your car. | Fusion |

“The intelligence agencies are living in a golden age of surveillance.” — PGP creator Phil Zimmermann. | The Guardian |

Hi-tech fashion redefines the meaning of revealing clothing. | New York Times |

All my blogs are dead. | The Awl |

How the Internet has made social change easy to organize, hard to win. | TED |

Social media

Facebook faces fight in Europe over new privacy  policy. | Gigaom |

Twitter reaches deal to show tweets in Google search results. | Bloomberg |

What happened when I confronted my cruellest troll. | The Guardian |

Stupid tricks with promoted tweets. | Medium |

Twitter CEO admits cyber bullying poses threat to revenue growth”. |  ABC – The World Today | 

7 February 2015

MsLods’ news round-up: law + technology

Data retention – what’s at stake?

Mandatory data retention is mass surveillance.

As the former Victorian Privacy Commissioner has said mass data retention:

“…is characteristic of a police state. It is premised on the assumption that all citizens should be monitored. Not only does this completely remove the presumption of innocence which all persons are afforded, it goes against one of the essential dimensions of human rights and privacy law: freedom from surveillance and arbitrary intrusions into a person’s life”

So you’ve got nothing to hide? Not fussed about rights and freedoms?  Well, here’s some further practical consequences of data retention to consider.

Your “metadata” in the court room

The Data Retention Bill does not impose any limitation on access to the retained data by other legal avenues.  This means there’s nothing stopping your ex-husband, your employer, the tax office or a bank using a subpoena to get access to that data if it is relevant to a court case.

Your telecommunications data – such information as who you called, when you called, your location or who you emailed, or messaged could be relevant to any range of disputes. (Here’s the draft data set – it’s complex and still not yet finalised).

Metadata isn’t like an envelope. It is possible to create meaningful personality profiles – including personal preferences, social/political affiliations, sexual orientation, health information, financial interests and ethnic identity. For example, certain phone numbers & email addresses are context specific eg suicide hotline, political parties, doctors, police , the list goes on.

Telco data would be useful in commercial disputes such as those involving trade secrets, intellectual property, breach of confidence. And then there’s family law disputes, insurance disputes, workers compensation claims, and that’s before we get to the oft-cited example of copyright cases.

And all this will likely increase the cost of litigation and reduce access to justice.  Better resourced companies or individuals can more easily afford cost of issuing subpoenas or even preliminary discovery applications as in the Dallas Buyers Club case.

Taxpayers will fund their own surveillance

We’ve heard much about the government’s cutting the red tape agenda.

But not so much about the costs and regulatory burden of data retention on small telcos? How will this impact competition in the communications sector?

AIMIA also argues that the data retention will be a strong disincentive for companies to invest in infrastructure in Australia.

It’s unclear what the level of contribution the Government will make to industry toward the up front or ongoing cost of complying with the proposed data retention regime.  We do know that the costs will be significant.  What costs will be passed on to residential and business customers?  Ultimately we’ll all pay as tax payers and consumers.

How much will this all cost? We still don’t know

Drive consumers away from Australian businesses

A range of pragmatic compromises have been made to get this Bill introduced into Parliament.

Just one example: what are known as third-party over the top services such as Gmail, Skype and Facebook are not currently covered by the data retention obligations. But data associated with services such as email, VoIP and SMS provided by your telco will be retained.

This decision about the scope of the regime is  likely to reduce revenue of Australian businesses, and reduce the already questionable effectiveness of the scheme in making the community safer.

Off-shore data storage

Your ISP can choose where it wants to store your data.

As the Victorian Privacy Commissioner has submitted:

  • The Bill does not prevent retained data from being transmitted to, and stored in, offshore cloud computing services that are under the control of foreign corporations and foreign governments.
  • It does not exclude retained data being stored in cloud computing services that are physically located within Australia but which are owned by foreign entities that may be subject to extraterritorial legal obligations that subject the retained data to the laws of foreign countries

So how is your personal information safe from the reach of foreign countries? 

How safe will your data be?

The Bill does not place any additional obligations on your telco to keep your data secure.

Telcos and the Privacy Commissioner has warned of increased risk of security breaches from the retention of large amounts of personal information for an extended period of time and the attraction to hackers by retention of larger amounts of data.

Your telco has no absolute liability for the results of these increased risks, only a potential obligation under the Privacy Act to take ‘such steps as are reasonable in the circumstances to protect the information’.

The Victorian Privacy Commissioner has highlighed that:

  “Breaches to the security of large, well resourced private sector organisations are commonplace but many remain unknown because of commercial secrecy and the fact that Australia does not have a data security breach framework in place”

The Australian Privacy Foundation in their excellent submission set out the risks, namely

  • risks associated with unanticipated uses of the data by service providers;
  • risks associated with disclosures to third parties; and
  • risks associated with the difficulties of adequately ensuring the security of large data sets.

Such risks are a concrete reality as Privacy International have highlighted:

  •  In 2013, senior Queensland police misused caught pulling confidential mobile phone records to catch officers faking sick days;
  • UK: call records of over 1,000 journalists over a 2 year period handed over to police – “human error” on part of a telco employee;

In recent years, the Privacy Commissioner has investigated breaches of security by telcos and government agencies:

 Australian service providers have experienced significant issues in handling and keeping personal information secure. Major telecommunications services providers that will be covered by the scheme are amongst the 20 entities most complained about to our office,” Pilgrim says.

And if your telco does get hacked and your personal information is disclosed, they don’t have to tell you.


It is expected that, as with the Snowden revelations, a move to mandatory data retention will increase the already growing appetite for encryption and anonymisation products.

Moves to more encryption and tools such as VPNs (already commonly used by businesses and many consumers) is counter-productive to the government’s objectives of retaining data to assist it in protecting national security and tackling serious crime.

Will much of the data left to be retained be that belonging to relatively unsophisticated or incautious Internet users?

But don’t ASIO and the AFP need data retention to protect us?

We haven’t been provided with compelling evidence that explains how “metadata” used by police will no longer be available if we don’t have mandatory data retention.

The AGD couldn’t provide Senator Ludlam with any evidence that data retention was effective in addressing  the claimed objectives of tackling serious crime or protecting national security. (Note: there is no limitation in the Bill that the data can only be accessed to investigate or prosecute serious crimes.)

Our government isn’t alone in scratching around for evidence. UK representatives before the CJEU in July 2013 conceded there was no “scientific data” to underpin the claimed need for data retention. In the US, the Privacy and Civil Liberties Oversight Board  found that there is little evidence that the metadata program has made the US safer.

As the authors of a study on the EU Data Retention Directive highlight in respect to the “evidence” which had been presented to justify the Directive, it is sufficient to note that the plural of anecdote is not “data”.

Want to know more?

  • Register for the Law Institute of Victoria’s free Data Retention Forum on 24 February.
  • Check out the submissions to the PJCIS on the Data Retention Bill
  • Check out my post on what’s missing from the government’s site on data retention
  • Follow the work of journalists who are covering these issues such as Josh Taylor, Bernard Keane, Allie Coyne, Rohan Pearce, Ben Grubb, Claire Reilly and Paul Farrell.
Data retention – what’s at stake?