Unhappy data retention day

This article originally appeared on Hoyden About Town.

This morning, Australia’s mandatory 2 year data retention regime began. Internet activity through Australian ISPs (including mobile phone providers) is now recorded. Australians, according to Crikey, here is what is likely to be retained about your accessing this link today:

  • your name and similar identifying details on your Internet account
  • the Internet address of where you accessed Hoyden About Town from
  • the Internet address of Hoyden About Town itself
  • the date and time you accessed this site
  • how long you accessed it for (quickly, in the case of websites, no doubt, but what if you were Skyping with us?)
  • what technical services you used (HTTP over ADSL or mobile or cable or …)

If you are accessing this over a mobile device, your location is also stored, to quite a high degree of accuracy. This data is also by far the hardest to conceal using any method, since it’s revealed as a core part of your phone’s communication with cell towers.

At least the actual specific page you accessed would not (or at least need not) be retained, if I am interpreting the information at Allens and Crikey correctly.

Surveillance cameras attached to a building exterior
Surveillance, by Jonathan McIntosh CC BY-SA

Further reading:


Image credit: Surveillance by Jonathan McIntosh, Creative Commons Attribution-Sharealike.

The status of pseudonymity and privacy on Google+

This article originally appeared on Geek Feminism.

Here’s a separate thread for people most interested in keeping track of official, semi- and unofficial pronouncements about pseudonymity and/or privacy on Google+ in particular, in addition to the more general discussions taking place at Anti-pseudonym bingo and Social networking requirements. You can also discuss your feelings and reaction to various announcements here. warped-ellipsis, you can re-post your existing links in this thread if you like.

If you’re linking to a blog or Google+ discussion, please also include a summary or excerpt that explains why you’re linking to it. Is it a user test showing such-and-such a property of Google+? Is it a statement by Google or an employee? Is it a change or a clarification? That sort of thing. (No linking/quoting anything from G+ that isn’t marked “Public” please.)

Note: yes, Google+ is in beta/early launch/testing/something, and they’re actively seeking feedback. Please no nagging to people to send in their comments here as feedback, since they now know this for sure and presumably they have or will send it in if they want to, and if they haven’t they presumably have their reasons.

Stuff I’m against, privacy edition

The ALP’s proposed mandatory ‘clean feed’, see Save the Net, No Clean Feed, Open Internet and, especially if you are going to vote in Victoria in the 2010 Federal election, Filter Stephen Conroy.

Recording of email and correspondence history for Internet users in Australia:

Currently, companies that provide customers with a connection to the internet don’t retain or log subscriber’s private web browsing history unless they are given an interception warrant by law enforcement, usually approved by a judge. It is only then that companies can legally begin tapping a customer’s internet connection.

In March 2006, the European Union formally adopted its data retention directive (PDF), a directive which the Australian Government said it wished to use as an example if it implemented such a regime.

The EU regime requires that the communications providers from certain EU member states retain necessary data as specified in the Directive for a period of between six and 24 months.

One internet service provider (ISP) source told ZDNet Australia that the Australian regime, if implemented, could go as far as recording each URL a customer visited and all emails.

But, just when you decide to vote for the Liberal-National Coalition (or MAYBE NOT)… Youth privacy at risk under the Mad Monk:

At the heart of the near-universal support for adolescent health privacy is an extensive body of data. The research shows that the greatest barrier to young people seeking medical help is the fear their parents may find out.

In Australia, “mature minors” are authorised to make decisions about their medical treatment. A mature minor is a tween or teen with sufficient understanding and intelligence to understand the nature and consequences of the medical intervention proposed, and to give informed consent to it.

While all those under 18 must be accessed on such criteria, it is generally assumed that those over 17 are mature minors, that those 14 to 16 are reasonably likely to be, and that those under 14 may not have capacity to consent, particularly in relation to more serious treatments. The requirement for confidentiality is a corollary of the mature minor framework.

Never one to let evidence muddy the waters of ideology, the now Opposition leader Tony Abbott was part of a government that in 2003 lifted the age at which information about a child’s healthcare visits could be accessed by their parents from 12 to 14. As Health Minister he vigorously argued for this threshold to be lifted again, from 14 to 16. Had he succeeded, an entire group of Australians would have been denied independent and confidential medical care, despite most qualifying for it.

Who you speak to and where you are: why it matters

This article originally appeared on Geek Feminism.

Warning: this post discusses intimate partner violence and rape. Please place a trigger warning on links to this post.

If you are currently at risk of violence, here are some links for viewing when you’re on a safer computer: National Network to End Domestic Violence: Internet and Computer Safety [USA], Washington State Coalition Against Domestic Violence: Internet Safety [USA] and Domestic Violence Resource Centre Victoria: Tip Sheet: Technology Safety Planning [Australia].

Cross-posted to Hoyden About Town.

Abusive relationship and spousal rape survivor and blogger “Harriet Jacobs” at Fugitivus is angry and scared today:

I use my private Gmail account to email my boyfriend and my mother.

There’s a BIG drop-off between them and my other “most frequent” contacts.

You know who my third most frequent contact is?

My abusive ex-husband.

Which is why it’s SO EXCITING, Google, that you AUTOMATICALLY allowed all my most frequent contacts access to my Reader, including all the comments I’ve made on Reader items, usually shared with my boyfriend, who I had NO REASON to hide my current location or workplace from, and never did.

My other most frequent contacts? Other friends of [my ex-husband]’s.

Oh, also, people who email my ANONYMOUS blog account, which gets forwarded to my personal account. They are frequent contacts as well. Most of them, they are nice people. Some of them are probably nice but a little unbalanced and scary. A minority of them ”” but the minority that emails me the most, thus becoming FREQUENT ”” are psychotic men who think I deserve to be raped because I keep a blog about how I do not deserve to be raped, and this apparently causes the Hulk rage.

There’s lots of other comment today on Google’s Buzz automatically assuming that your frequent email contacts should be your Buzz contacts, and making the connection with them public:

There will quite possibly be more by the time I’ve finished writing this post, let alone by the time you read it. But having to fight this battle on a site-by-site, service-by-service basis is disgusting. For a number of groups of people, including people who are the targets of a violent obsession among others, information about who they are in contact with, where they live and what they’re interested in has life-threatening implications. For a larger number of people it has non-life-threatening but potentially serious implications for their job, for example, or their continuing loving relationship with their family. Sometimes people are in frequent contact with people who have power over them, and/or who hate them. Why aren’t privacy policies centring that possibility, and working out the implications for the rest of us later?

Note: as I hope you anticipate, attempts to victim-blame along the lines of “people who are very vulnerable shouldn’t use technology unless they 100% understand the current and all possible future privacy implications” not welcome.

Update 13th February: Fugitivus has had a response from Google making it clear that protected items in Reader were not shared despite appearances, and stating some changes that are being made in Reader and Buzz in relation to issues she raised.