What happens if and when the newly introduced metadata retention scheme in Australia encounters its first leak?
Effective today October 13th, 2015 the scheme is active. Although, comically there supposedly are a lot of companies still awaiting for approval on their data retention implementations. You can rest assured telcos like Telstra and Optus are already compliant and ready to store your calls and internet details.
The sheer amount of data that will be logged per second (probably tens of gigs) is also going to undoubtedly show some stress fractures in the infrastructure. Australian telcos can barely keep their networks congestion free and stable, I don’t know how a retention scheme is going to fare any better for them.
This scheme is only the beginning. Now that the door has been opened, the Attorney General can modify the bill and extend its scope a lot easier now the scheme is in place. Sure, not a lot of identifying data will be logged initially but under agreements like Five Eyes, who knows just how much data the government will be able to collect and where does the buck stop?
A massive data retention scheme like this is screaming to be hacked. Groups like Anonymous will see this scheme as a chance to fight the establishment and prove that such schemes do not work, the very thing supposedly protecting citizens from harm (under the guise of terrorism) might actually be the very thing that ends up hurting citizens by exposing their private lives to prying eyes.
The scary thing about the data retention scheme is hackers don’t need to write a single line of code to get the data. The data can be accessed by many government departments without a warrant, a hacker might work in one of these departments, know someone who works in one or use social engineering to obtain the data all without being immediately detected.
The question remains though: when Australian citizens private metadata is leaked onto the internet, what happens? Once something is out there on the internet, you can’t get rid of it once it starts being shared on torrent sites and whatnot.
We should all be very worried.
