Data retention

Corrines Guide to Avoiding Being Caught Up By Data Retention If You Are A Client of a Sexworker

Note: This is NOT a guide to staying completely anonymous online, avoiding being hacked, avoiding being monitored or avoiding the five eyes network. I HIGHLY and STRONGLY recommend getting further advice if you are now or in the future may be or become related to a public figure, government or religious official or a whistleblower.  

Also note: this is my opinion and not an unbiased view. Clearly I think the Bill and all who voted for it are slimy douche canoes and it has absolutely nothing to do with fighting terrorism. Also if you are unsure please read the references at the bottom, the GetUp one is a very good guide.

This is how the metatdata retention bill (officially the Telecommunications (Interception and Access) Amendment (Data Retention) bill 2014) applies to my clients and if it is of concern to you how to avoid it. Also note that this is not circumventing the law (in fact Turnbull has described a lot of this in an interview but don’t ask Brandis to try and explain it) or doing anything highly technical.

What is it? Surveillance of communication data (phone calls, texts, emails, online messages etc) which will be stored for 2 years by phone and internet providers. Their track record in keeping this secure is not ideal, and they haven’t had to keep this data before in many cases. This data will be able to be accessed by some government agencies without warrant. Let me repeat that. WITHOUT WARRANT. Already it is possible for some agencies to get access to the limited information from telcos without a warrant but the data set is being expanded and it is being kept for much longer. And don’t think they won’t go at it like ants in honey, even with the limited data available now the telecommunications regulator reported 580,000 warrantless demands in the last financial year. It is such a potential data mine that it has been recognised as a honeypot for hackers and criminals.

More specifically the data kept would be subscriber or account holder details, the source and destination of a communication, date, time and duration of communication, location and what services was used e.g. voice, SMS, social media, and the type of delivery services (ADSL, Wi-Fi, VoIP, cable, etc). The data that is of relevance to clients would be anything that could identify you having contacted a sex worker by phone call, text message, messaging service, email and so on. The bits of info being captured by this Bill is not the content but as many have pointed out this is not always needed. If your phones data showed your location as being on a bridge and said you called the Lifeline phone number do you really need to know what was being talked about? Likewise if your records show that you have phoned me on my work number we probably aren’t having a lovely tete-a-tete about fabulous Hobart restaurants. Well, we may have been but the assumption will automatically be made. If at any point in the next two years being associated with a sex worker might risk your career or social standing then this applies to you.

The data is not captured along the way but at the endpoints. There are others who can hack their way into your data between the endpoints and that’s what my disclaimer at the top is about (it’s well beyond the scope of this post to keep illegal access out, let’s just focus on the government approved and legislated for now). The data retention Bill loophole is that the data is only required to be captured by the Bill “if the person operating the service owns or operates, in Australia, infrastructure that enables the provision of any of its relevant services”. It’s the “in Australia” bit that lets us get around it. Here’s the main communication methods and their work arounds.

  • Landline phone calls – use a payphone or Skype.
  • Mobile phone calls – use Skype, Facetime or Viber
  • Mobile text messages – use WhatsApp, Viber, Wickr, Telegram or Skype
  • Email – use Gmail, Hotmail/Live, Yahoo mail or any other host that is based overseas
  • Social media – (my personal opinion is that Facebook’s policies and security are atrocious and I won’t touch it for that reason) but the data retention scheme won’t be able to tell who you’re messaging on Facebook messenger and Twitter direct messages.

Please also keep in mind that while you might keep your data out of the governments hands both ends of the communication chain are effectively captured. So if you use Gmail and the person you’re contacting uses an Australian based email provider, say Telstra, then it will still be known that that person was emailed by you. I believe if you use Skype to call a mobile or landline this might apply too. Spread the word and try and find out the situation at the other end before you trust communicating with them.

I already do this, plus a LOT more but I will also be using WhatsApp for those who prefer it to text messages. Your privacy is important to me. I’ll be dammed if I’ll let a government record my every move so that it might be used against us at some future point that is not relevant to us today.


Crikey, Your guide to the data retention debate: what it is and why it’s bad

The Australian, How to beat metadata retention laws

Gizmodo, Data retention: It’s not the data that matters, it’s who you can be connected with

GetUp, Go dark against data retention