back to article Brandis' metadata retention recipe doesn't prohibit USB drives stored in a garden shed

Service providers caught up in Australia's data retention scheme will have to encrypt customer information, but that's about as much guidance as the Attorney-General's Department offers. The advice issued by the Department offers scanty information on what constitutes suitable storage infrastructure, and no advice at all on …

  1. Number6

    A shame they can't just encrypt it with a SHA-2 hash.

    "What's that? You meant reversible encryption?"

  2. dan1980

    Ahhh yes - let's pass wide-reaching laws now and work out the "finer details" later.

    That seems the proper and sensible way to treat the privacy of the entire country. Never mind that some of those "finer details" are exactly the sort of things that tech and privacy experts - as well as ordinary citizens - have been so concerned about.

    You know - security of the data and regulations for its access and transmission and other trivialities like that.

    Just start collecting - we'll figure the rest out next week or something.

    1. Anonymous Coward
      Anonymous Coward

      The only way I see of ensuring that metadata is indeed kept securely is by using a VPN in the first place.

      1. Adam 1

        Already done. If the US government can't keep 20 million personnel records safe, why would I trust my ISP to?

  3. Magani
    Big Brother

    I foresee a 'Yes Minister' moment in an ISP's future

    James Hacker: [reads memo] This file contains the complete set of papers, except for a number of secret documents, a few others which are part of still active files, some correspondence lost in the floods of 1967...

    James Hacker: Was 1967 a particularly bad winter?

    Sir Humphrey Appleby: No, a marvellous winter. We lost no end of embarrassing files.

  4. Woza
    Black Helicopters

    Did I miss it?

    Was there any mention about whether the data has to be stored within Australia? Or can it be encrypted with ROT13 and then stored in the cheapest cloudy location?

    1. Adam 1

      Re: Did I miss it?

      I have a scheme where I work out the letter number (a is 1, b is 2, etc) and add 64 to it. I then convert it to binary. Foolproof!

    2. GrumpyOldBloke

      Re: Did I miss it?

      Malcolm is on record as saying that there is no requirement for the data to be held onshore. Encryption was a late amendment requested by the ALP and the Greens, it was not in the original bill. To open up such a large attack surface with no safeguards or even a clue suggests that this is more about cowering the population and forcing self censorship than any effective mechanism for law enforcement or national security.

  5. Winkypop Silver badge
    Trollface

    Metadata on Renewable Energy and the ABC (TV)

    This is to be stored in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying 'Beware of the Leopard'

  6. Anonymous Coward
    Anonymous Coward

    Oz shed may not be that bad

    Cardboard box, few brown recluse, probably more secure than an office that hosts a previous generation boss who can't handle passwords or decent locks.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like