Tag: privacy

No Vote Of Confidence In ID Laws

Policy change happens when events meet ideas.

And so it is with voter ID laws – the idea that we ought to be required to show formal identification when we vote on election day.

Currently our electoral system is based on trust. Voting simply requires a voter to state their name and have it crossed off a list.

It’s incredibly insecure. Charmingly so. Alongside the sausage sizzle, the old-fashioned electoral procedure is no small part of what creates the romanticism of Australian democracy.

On Thursday, during Senate estimates, the Australian Electoral Commission said it was referring 8000 cases of multiple voting in 2013 to the Australian Federal Police. (Voting more than once, in case you didn’t know, is illegal.)

This is a lot. After the 2010 election, only 19 cases were referred to the AFP.

After the loss of 1400 ballots in Western Australia, the reputation of the AEC – and, by implication, the integrity of the electoral system itself – is understandably shaky. There is a strong political desire to do something about the AEC. Something. Anything.

Hence the political push for voter ID laws, which are supposed to prevent multiple voting. Last month, Queensland introduced its own voter identification laws as part of its electoral reform package.

But voter ID is a non-solution to a non-problem.

Let’s start with the non-problem.

Clive Palmer reckons Australians can “vote 10, 20, 30 times if you like”. A voter could visit more than one poll booth and vote under their own name multiple times. Or they could vote multiple times by impersonating other voters, at the same or different booths.

In each case, they would be abusing the trust system. (A person could also potentially enrol multiple times. But enrolment fraud is much harder to pull off.)

Yet just because a law is occasionally broken doesn’t mean it is an urgent problem.

We know when multiple voting happens because once the election is over, the AEC compares the booths’ lists to see if some names are crossed out more than once.

The large number of multiple voters referred to the AFP this year reflects the fact that the AEC is taking the phenomenon more seriously – for political reasons – not that multiple voting is getting more common.

Sure, 8000 cases sounds like a big number. But 10,000 further multiple votes are recorded simply because of human error by booth workers.

In other words, we’re talking well within the election’s margin of error here.

The vast majority of multiple voting instances – usually above 80 per cent – are attributed to confused elderly voters, who often speak English as a second language or not at all. (This 2009 AEC paper details the findings up until the 2007 election. From the evidence given by the AEC to estimates last week that proportion is unlikely to have changed.) Only a tiny fraction of multiple voters have admitted that they were “trying out the system”. Maybe a few hundred in 2013, spread across 14 million electors.

Others say they were drunk. Okay.

One reason the AFP prosecutes so few multiple voters is because there are so few of them. Another reason is that the problem is just not consequential enough to spend scarce resources on.

It is certainly possible to imagine a scenario where multiple voting could strategically alter election results; to swing tight races and thus steal power. That seems to be the underlying concern about multiple voting.

But the concern is misplaced. In a detailed study for the New South Wales Parliament earlier this year, the University of Sydney’s Rodney Smith concluded that “stealing elections is hard … large-scale multiple voting is highly unlikely to emerge as a problem”. Our trust system might facilitate multiple voting, but such behaviour is easy to detect after the fact. Questionable election results can be disputed.

As Smith pointed out, there is no evidence to suggest that multiple voting is directed towards marginal seats, which is what we’d see if one party was trying to game the electoral system.

But Parliament is about finding solutions to problems, not figuring out whether those problems exist.

So, with the AEC’s reputation at a low ebb, there is a push for a voter ID requirement to eliminate multiple voting. The push is coming mostly from the Coalition.

Voter ID would tackle only one of the ways to multiple vote – the impersonation of other voters. It wouldn’t do anything to stop people visiting different booths under their own name. (Unless of course the lists were somehow digitally tied together and updated in real time. This would be incredibly complex, and it’s not on the table.)

Not every change to an electoral system is necessarily self-interested and anti-democratic. But that’s not a bad rule of thumb.

In the United States, voter ID requirements are used to suppress the vote of traditional Democrat constituencies: the young, poor, and minorities. Those groups are less likely to have and carry appropriate identification.

But voting is voluntary in the US. Australia’s compulsory system means voter ID would create a different dynamic. Those voters who find producing identity documents too troublesome and fail to vote will be fined for not doing so. This punishment to vote may (partly) counterbalance the disincentive of having to show identification.

The Queensland reforms allow voters to show a reasonably broad range of identity documents – not just photo ID. If none are on hand, voters would be able to sign declarations of their identity.

But you can imagine how such new rules will gum up the works on election day. Confused voters sorting through identity papers. Booth workers trying to guide non-English speaking elderly through declaration statements.

What an enormous amount of hassle and complexity to fix a non-problem. Voter ID is yet another bureaucratisation of our little democracy.

Opening statement to Commonwealth Legal and Constitutional Affairs References Committee inquiry into Comprehensive revision of the Telecommunications (Interception and Access) Act 1979

With Simon Breheny

Thank you, first of all, to the committee chair, Senator Scott Ludlam, and the other members of the committee for inviting us to speak with you this morning. At the outset, let me make some general statements of principle. These principles should guide any reform to the Telecommunications (Interception and Access) Act 1979.

Interception and access of telecommunications data by government agencies is an intrusion into the human right to privacy. As individuals we have the right to control aspects of our lives that we wish to keep private. Government access to communications data should be strictly limited. The first limitation on access to communications data is the requirement that it must be targeted towards a person reasonably suspected of criminal wrongdoing. The second limitation is that interception of and access to communications data should only be allowed in accordance with a warrant issued by the courts. Warrants allow the interception and access to communications data in limited circumstances. They create a threshold for interception and access and ensure a level of accountability of the law enforcement agencies conducting criminal investigations by judicial oversight.

The proposal to introduce a mandatory data retention regime in Australia is a clear violation of these principles. Mandatory data retention would establish a systematic and ongoing mass surveillance regime on the internet activity of everyone in Australia. It is a very serious breach of privacy; it is easily circumvented and it is likely to suffer significant mission creep. As my colleague Chris Berg has argued, mandatory data retention will also have a chilling effect on free speech. The Australian privacy principles were updated and implemented just six months ago, yet mandatory data retention is a policy that would require the explicit rejection of these principles—namely, that businesses, including internet service providers, should only retain the information that is required for business purposes and should delete that data when it is no longer required for those same purposes.

We have seen in recent times some very significant breaches of privacy by government agencies. Most recently, the Australian Federal Police was responsible for a very serious breach of privacy when it revealed the identities of criminal suspects and other details about criminal investigations. Such inadvertent disclosures are unavoidable, but government should be seeking to reduce the possibility of these disclosures where possible. It is also worth noting that it has not been adequately shown that preservation orders are not adequate to achieve the aims of the law enforcement. Stored preservation orders are targeted, proportional data retention schemes that offer a flexible and privacy-protecting mechanism to law enforcement agencies. It is striking to us how rarely the existence of this mechanism is discussed in the data retention debate when it would seem to resolve all the problems with the TIA act that have been identified by law enforcement agencies.

The authorised access regime established under the TIA act allows for warrantless access to communications data stored by telecommunications companies. This is a clear breach of the principle that access to communications data should not occur unless a warrant has been issued by judicial authority. The TIA act annual report 2012-13 revealed that there were more than 300,000 access authorisations made in that year. Some of these authorisations were made by organisations like Australia Post, the Clean Energy Regulator, Harness Racing New South Wales and the Wyndham City Council. The authorised access regime should be abolished and should be replaced with a regime where communications data may only be accessed in accordance with the warrant issued for that purpose.

One of the problems we have identified in this debate concerns the word ‘metadata’ as opposed to ‘content data’. In our view the word ‘metadata’ describes nothing of analytical value; it is all just data. Indeed, as has often been pointed out in this debate, metadata is capable of revealing even more than what has been described as content data. We are happy to discuss the issue in detail if the committee wishes. Thank you.

US Surveillance Scandal Just The Tip Of The Iceberg

More than a decade after the September 11 attacks, the US is having a debate about its monstrous national security apparatus. Finally.

In that time, Congress has granted every wish of every security agency. The only condition was those wishes had to be connected, however vaguely, to the war on terror.

Last week, Americans learned the result. They now live in a vast surveillance state run by secretive intelligence bureaucracies and bloated private contractors.

We should care about this, too. Australia’s national security agencies are pushing our Parliament down the same path.

Here is what we know so far about the American scandal. For the past seven years, the US government has been secretly hoovering up records of millions of phone calls. It has been able to gain access to enormous amounts of data from companies such as Google, Facebook and Yahoo on their users. For its legal authority, it relies on the rubber stamp of a secret court.

Those companies targeted are forbidden from discussing what is going on. In March, Director of National Intelligence James Clapper explicitly denied to Congress that the program even existed.
As one Democrat who received a classified briefing this week said, the public has only seen the ”tip of the iceberg”.

Australia has not gotten quite that bad. But every policy change goes one way – towards more state power.

The Attorney-General’s Department wants Parliament to approve a suite of new security powers. This would include a massive data retention scheme, where records of all our internet usage would be kept by internet providers just in case we are later suspected of committing a crime.

The government is not transparent about what exactly these new powers would entail, or what they are supposed to solve. We have to piece together disparate pieces of information to figure out what our own government is doing.

For instance, we learned in February our foreign spy agency ASIS has been lobbying politicians for permission to collect intelligence on Australian citizens. But that is already the job of the domestic agency, ASIO. Why does ASIS want this power? It is not clear.

Earlier this year, we learned Australian bureaucracies are accessing phone and internet records nearly 1000 times a week without a warrant. Even the RSPCA can get access to these records. Yes, that RSPCA, the animal group.

And it is almost certain the American program has been been collecting data on Australians. Parts of the program give moderate privacy protections to American citizens but nothing to people ”reasonably believed to be outside the United States”. It is unclear how involved Australian agencies are. We know British agencies have been, but Canberra won’t disclose anything.

This madness has to stop. The national security state has grown too big. It is too unaccountable. It is fundamentally undemocratic.

When the Attorney-General’s office was questioned about its surveillance activities, a spokesman replied it was the “long-standing practice of successive Australian governments not to comment on national security and intelligence capabilities”.

Such blithe dismissals might have worked in the past. But after what we have seen in the US, there is no longer a reason to give government any benefit of the doubt.

Nobody denies that law enforcement must keep up with the times. Nobody denies terrorism is a real and ongoing concern. But the past decade has seen security agencies use these two facts as leverage for unprecedented funding and power – far out of proportion to the technological problems they are worried about.

Security agencies have an advantage in the political game. They are a black box – opaque and secretive. It is easy to convince politicians they would be endangering lives if Parliament did not grant some new power, or if checks and balances were not relaxed a little bit more.

The agencies are helped by national security apologists, who seem more worried about loyalty to the state than any democratic accountability.

The first reaction of the conservative columnist David Brooks to the US scandal was to surmise that the person who exposed it – 29-year-old security contractor Edward Snowden – was just the product of an overly individualistic society. OK, one of the biggest surveillance programs in history is revealed, and Brooks concludes the real issue is young people?

Columnists say the darndest things. But Brooks’ is not a lone voice. There is an active discussion in the US about Snowden’s motives, his girlfriend and whether he has committed “treason”.

Some perspective, please. Snowden’s character is irrelevant to the question of how powerful security agencies should be in a free country. Those who try to play down, dismiss or deflect this scandal are simply the willing tools of state power.

Just as despicable is the claim (heard occasionally from the left) that citizens have abandoned their right to privacy by handing personal information to companies. Talk about blaming the victim. We share stuff on Facebook, so it’s our fault the government is out of control?

The surveillance scandal is an important moment. Even the most gung-ho conservatives in the US are having second thoughts about the national security state.

Let’s hope that scepticism trickles down to Australia.

It’s About More Than Just Phone Hacking … Unfortunately

If you want to know what actually happened in the British phone hacking scandal, you won’t find it in the Leveson inquiry report released last Thursday.

The report comprises almost 2,000 pages; it’s spread across four volumes and has 59 separate chapters. It has a lot of stuff about media history and ethics and philosophy; a lot of hand-wringing about press “culture” and personal friendships between Fleet Street and Westminster.

But not a lot about who committed what crime and when.

For instance, the fact that Rebekah Brooks and Andy Coulson (both ex-News of the World editors) are in court this week facing charges of corrupt payments to public officials does not inform the report.

Nor the fact that at least three public officials have been arrested for misconduct in a public office – that is, corruption.

Lord Justice Leveson is recommending statutory regulation of the press before his inquiry has gotten to the bottom of the phone hacking scandal.

Even by the woolly standards of judge-led policy advocacy, this is pretty stark. Especially considering his proposals would be a reversal of the four-century-old victory of free press over state power.

The Leveson inquiry’s terms of reference are split in two. Part 1 looks at the “culture, practices, and ethics of the press”. Part 2 investigates the specific allegations of unlawful conduct and corrupt payments between press and police.

This is the real issue, as I argued in July last year. Criminal acts are a bad thing and should be punished. But criminal acts with the assistance of police are much, much more disconcerting. Thursday’s report is Part 1. Part 2 hasn’t even started yet.

Operation Elveden – the Metropolitan Police Department’s investigation into corruption in the police force – is ongoing. Leveson writes that he doesn’t want to step on its toes. Repeatedly throughout the report, witnesses suggest serious things. For instance, unnamed senior officers are “rumoured to be corrupt”, but the story ends there, “for fear of undermining what could be an ongoing investigation”.

Still, the first report reveals a litany of errors, misjudgements and bureaucratic backside-covering that allowed the scandal to build before it exploded in 2011.

Between 2001 and 2003, the Devon and Cornwall Police discovered a ring of retired and serving police officers selling information from police databases to private investigators. The investigators were then selling that information to various clients, some of whom were journalists.

Such privacy breaches are not unusual. Over the last decade, more than 200 Metropolitan police officers and civilian administrators have been disciplined for wrongfully accessing the Police National Database. The current commissioner described this to the Leveson inquiry as a “chronic problem”.

But when the Devon and Cornwall Police cases went to court, the judges let the accused go with conditional discharges. They didn’t even get fined.

When the story surfaced again in 2006 (this time the Royal family was claiming its private phone messages were being listened to) memory of the pathetic sentences given to the earlier cases meant the London police were reluctant to aggressively push their investigations. It just wasn’t worth the effort. That, and Britain was at the height of the anti-terrorism campaign. In the wake of the London bombings, chasing privacy prosecutions was less a priority than hunting violent Islamists.

Still, one reporter – News of the World’s “one rogue reporter” – was prosecuted. As part of its investigations, the police found a huge list of potential victims, but it failed to notify them.
Three years later, the Guardian and the New York Times published allegations of widespread phone hacking. This time, the police stonewalled. The issue had already been dealt with. To admit that there was more to the case was to admit that they were wrong to draw a line under the rogue reporter in 2006.

The Milly Dowler story erupted in July 2011. The police had been in possession of seized documents with her name – and Hugh Grant’s name – since the first investigations in 2003.

I’ve dwelled on this timeline because it is the closest the Leveson report gets to an exploration of the specific failures that led to the phone hacking scandal.

It’s all well and good to wax lyrical about ethics and press culture. But if we want to link problem to solution – a basic requirement in the development of good public policy – we have to know what actually caused the events we’re concerned about.

And too much of the Leveson report is divorced from the phone hacking itself. You can understand why David Cameron offered Leveson such a wide brief – he was embarrassed about his relationship to the now disgraced Andy Coulson. But the distance between scandal detail and regulatory proposals undermines the point of the whole inquiry.

To be fair, Leveson’s effort is far better than Australia’s Finkelstein inquiry. Here, Justice Ray Finkelstein wasn’t even given a scandal to work with – he had to construct a justification for press regulation out of thin air. Where Britain had the Milly Dowler case, Australia had the vibe of the thing.

So it is not insignificant that the Finkelstein and Leveson recommendations were so similar: statutory regulation of the press disguised as “self-regulation”. In the UK this is apparently the solution to widespread criminality. In Australia it is apparently a solution to … well, what exactly? The strongest case Finkelstein could come up with was that newspapers gave an unbalanced presentation of climate science.

But there’s a vocal group of people who want a new regulator backed by government, so that’s what gets recommended. Is there anybody who didn’t think Leveson or Finkelstein would call for new regulation? The only suspense has been for the details.

Last week David Cameron rejected those details – he would not cross the Rubicon into press regulation. Hopefully, Julia Gillard and Stephen Conroy will do the same.

Privacy To Be Sacrificed As Roxon Takes Liberties With Our Freedoms

Last week Attorney-General Nicola Roxon argued for one of the most significant attacks on civil liberty in Australian history – internet data retention.

There aren’t many details yet. From what we can tell, the government wants to force all internet service providers to record details about every email their customers send, every website they visit, and every communication they make.

The providers will have to store those records for up to two years, just in case the police or the Commonwealth spy agency ASIO want to look at them later.

This data retention scheme would be an institutionalised, systematic invasion of our privacy – at least as bad as the Hawke government’s proposed Australia Card was in the 1980s. And it is certainly scarier than any of John Howard’s post-September 11 security laws.

Admittedly, data retention is not an original Australian idea. Similar policies have been implemented across Europe. But their record is not flattering. Germany’s parliamentary research unit surveyed European crime statistics between 2005 and 2010 and could not find any evidence to suggest data retention was helping solve crimes. And several European countries have even found data retention unconstitutional. In 2009 the Constitutional Court of Romania found that “continuous limitation of the privacy right … makes the essence of the right disappear”. In other words, data retention is so pervasive that it eliminates privacy. You can understand why Romanians would be sensitive. They suffered under communist police state surveillance for nearly half a century.

The idea behind data retention is to try to replicate for the internet what police have enjoyed with telephone calls for decades – access to records of who we called and when. Yet there’s a big difference between phones and the internet. Telephone companies keep those records in order to bill us. So phone records already exist. Internet data retention would require companies to create a giant new database of what their customers were doing online.

This database would be many times larger and much more revealing. Most Australians make a couple of calls a day. But we send and receive dozens of emails. We visit hundreds of websites. In 2012 we do everything from banking, to researching health concerns online. The internet is nothing like a telephone.

On top of this, the government wants internet providers to take responsibility for keeping these vast new information archives secure. But there are hundreds of internet companies in Australia. Many of them are tiny. Few of them are security specialists.

The Attorney-General argued on Tuesday last week that the police needed all this new surveillance to tackle identity theft. This is clever: we need to destroy privacy in order to save it. But it is nonsense.

These new databases would be attractive targets for those very identity thieves. Criminals could just crack the security of a small internet provider. We’ve seen in the past few years how insecure corporate data can be. Even big firms struggle with security.

Making their case, Roxon and her A-G’s Department say they need to “modernise” their powers to deal with cybercrime. Yet the urgent need to modernise this law would be more convincing if it wasn’t for the fact that the 1979 Telecommunications Interception Act has been “modernised” 64 separate times since then. It has been changed on average twice a year for three decades. Indeed, the last modernisation was as recently as August.

Roxon is talking about more surveillance powers literally a fortnight after she has been granted new ones. Our Attorney-General must know this. So when will enough be enough?

Anyway, the August reform gave law enforcement agencies exactly what Roxon claims they need: the flexibility to investigate crime online. Now if police identify a suspect, they can order internet companies to log the data of specific individuals. Such targeted data preservation is reasonable. It’s like traditional phone tapping. Police get investigative powers, but don’t treat every Australian as a criminal.

Internet data retention isn’t the only new weapon the government wants. A parliamentary committee is currently considering a government discussion paper with dozens of complex proposals to extend security power over the internet. The discussion paper makes some stunning claims. Apparently, some limits on ASIO and the police merely “reflect historical concerns about corruption and the misuse of covert powers”.

Are those concerns really out of date? Politicians like to talk about balancing the need for security and the need for liberty, as if they are shouldering a heavy philosophical burden. Yet it seems new laws only ever satisfy the former. Liberty loses, inevitably, every time.

Opening statement to Parliamentary Joint Committee on Intelligence and Security Potential reforms of national security legislation

With Simon Breheny

The suite of policies proposed in the Attorney-General’s discussion paper add up to one of the most significant attacks on civil liberties in Australian history. Many of the proposals breach the rule of law, severely curb civil liberties and threaten freedom of speech. Our submission focused on the data retention proposal. We were disturbed to see the Attorney-General support this proposal yesterday. In our view, the data retention proposal is a much greater threat to privacy than even the proposed Australia Card was in the 1980s. The complexity of these discussion papers’ proposals is significant. Many of them interact with multiple pieces of legislation. Few have been elaborated or justified. They should be dealt with separately, with separate legislation and separate inquiries. The burden of proof rests on the government to prove to the public that after 10 years of continuous, unrelenting increases in national security power—the last major change was as recently as August this year—there is still a clear need for such extraordinary changes. Almost every single proposal in the discussion paper has serious problems. For instance, the proposal to establish an offence for failure to assist in the decryption of communications is a clear abrogation of the government’s responsibility to uphold the privilege against self-incrimination and the right to silence—vital features of our criminal justice system. We call on this committee to reject this proposal.

We also oppose the default extended period for warrants from 90 days to six months, the lowering of thresholds for obtaining warrants, the power of the Attorney-General to unilaterally vary warrants and the power of ASIO to move, alter or delete data. But the most extraordinary proposal we would like to talk about is that of data retention. This draconian proposal for mandated and indiscriminate retention of the online data of all Australians is completely lacking in proportionality, undermines basic freedoms and is in fundamental conflict with the right to privacy. Extraordinary claims require extraordinary evidence, yet no evidence has been presented to justify one of the world’s most onerous data retention regimes. Abstract references to emerging threats and cybercrime are patronisingly insufficient as justification for such an extreme example of state power.

The collection and storage of data by internet service providers also creates a considerable data security problem. Rather than dispersing information, data retention creates silos of information begging to be attacked by the very criminals this proposal seeks to limit. Many European nations have had data retention regimes in place for a number of years. A study conducted over a five-year period, from 2005 to 2010, found no statistically significant increase in crime clearance rates in countries that had adopted data retention. ‘Australians should not allow themselves to be bullied into accepting a proposal which has ominous implications and particularly a grave temptation for abuse by the government.’ That was said by the IPA in 1986 in relation to the proposed Australia card, and the same holds true for the proposals being considered here today.

Submission to Parliamentary Joint Committee on Intelligence and Security on ‘Equipping Australia against Emerging and Evolving Threats’

With Simon Breheny

Introduction: The Institute of Public Affairs believes many of the national security proposals contained in the Attorney-General’s Department’s Equipping Australia against Emerging and Evolving Threats Discussion Paper are unnecessary and excessive. Many of the proposals:

  • Curb civil liberties;
  • Systematically breach Australians’ right to privacy, and;
  • Breach basic rule of law principles.

The Discussion Paper offers at least 45 distinct proposals. This submission does not attempt to address each one. Instead, we focus on one particular proposal that the government is seeking views upon: the data retention policy that would require internet service providers to retain data on all users for up to two years.

The data retention proposal, along with a number of other proposals listed in the Discussion Paper,would be a significant increase in the power of security agencies and the Attorney-General’s Department.

Available in PDF here.

Be Sceptical Of Vague New ‘National Security’ Powers

Any proposal by the government to increase its own power should be treated with scepticism.

Double that scepticism when the government is vague about why it needs that extra power. Double again when those powers are in the area of law and order. And double again every time the words “national security” are used.

So scepticism – aggressive, hostile scepticism, bordering on kneejerk reaction – should be our default position when evaluating the long list of new security powers the Federal Government would like to deal with “emerging and evolving threats”.

The Attorney-General’s Department released a discussion paper last week detailing security reform it wants Parliament to consider.

The major proposal – although explored little in the department’s paper – is the Gillard Government’s proposed data retention laws. These laws would require all internet service providers to store data about their users’ online activity for two years. They have been on the table for some time.

But there are many other proposals. The department wants the power to unilaterally change telecommunications intercept warrants. It wants the threshold for those warrants to be significantly lowered. It wants the ability for security agencies to force us to hand over information like passwords to be expanded. There’s much more.

These reforms add up to a radical revamping of security power. They raise troubling questions about our right to privacy, our freedom of speech, and the overreach of regulatory agencies. And they suggest one of the most substantial attacks on civil liberties since John Howard’s post-September 11 anti-terror law reform.

Public policy is like comedy – timing is everything. The lack of timing here is revealing.

These proposals come nearly a decade after the first flurry of anti-terror activity, and long after most analysts have concluded that the serious threat of terrorism – keenly and rashly felt at the turn of the century – has subsided.

The government claims that a new environment of cybercrime and cyber-espionage necessitate wholesale reform of the law. These claims are massively overstated. Cybercrime exists more in the advertising of security companies than it does in reality, as I argued in the Sunday Age earlier this year.

Cyber-espionage too is worse in theory than reality. In their recent paper Loving the Cyber Bomb?, two American scholars, Jerry Brito and Tate Watkins, point out that these claims have all the hallmarks of threat inflation driven by self-interested security agencies.

As they write in the American context, “The rhetoric of ‘cyber doom’ employed by proponents of increased federal intervention, however, lacks clear evidence of a serious threat that can be verified by the public.”

Certainly, our Attorney-General’s Department offers no such clear evidence. Perhaps there is evidence. But most of the Government’s case is presented as innuendo and hypotheticals.

Brito and Watkins suggest this hyperbole has a parallel with the sort of threat inflation that led up to the Iraq War. The conclusion – more power – leads directly from the premise – an evolving threat. But we’re a long way from the realm of evidence-based policy here.

Yet even if we took the government at its word about the dark and dangerous online environment, there would still be much to be concerned with.

Fairfax papers reported in April that ASIO now privately believes environmentalist groups are more dangerous than terrorists. This surely says more about the diminished status of terrorism than the rise of green activism. But it also underlines the often political nature of national security enforcement.

The line between lawful and unlawful political dissent is less clear at the margins than we like to admit. Enthusiastic agencies and thin-skinned governments can easily forget there is any difference at all. (During the Second World War, John Curtin’s Labor government even directed ASIO’s predecessor agency to investigate the Institute of Public Affairs – its ideological opponent, and an organisation that was urging the formation of a non-left political party.)

ASIO isn’t the only agency we have to worry about. There are at least 16 Commonwealth and state bodies approved to intercept telecommunications right now. Even the scandal-ridden Office of Police Integrity in Victoria would benefit from these new powers.

Ministers in the Gillard Government have jumped to defend the Attorney-General’s proposals. And the Coalition is “examining the issues carefully”.

Yet given the bipartisan submission to the previous government’s expansion of the security state, it would not pay to be too optimistic.

This is largely because governments are usually passive recipients of the phenomenon of threat inflation, not the drivers of it. Security agencies are easily able to convince politicians they need more support and power, and that any scepticism about pressing national security matters is reckless, even negligent.

The scepticism, unfortunately, has to be left to the public whose civil liberties are at stake.

Obama Beats Bush In Assault On Civil Rights

It’s been fun for the left in Australia to fixate on the Republican candidates for the American presidency. It’s been fun to joke about their policy quirks and eccentricities. Fun to pronounce that nothing is scarier than the prospect of a Santorum or Romney administration. Yes, the Republican race has been a convenient distraction.

Because it would not do to dwell on an uncomfortable, undeniable reality – Barack Obama, the left’s man in the White House, who was supposed to restore America’s standing in the world and end George Bush’s assault on civil liberties, has been much worse than his Republican predecessor.

Obama has undermined more individual rights, and hoarded more presidential power, than Bush ever did. It’s not that he has simply failed to roll back Bush’s anti-terror excesses. Although that is true, as well. It’s that Obama has trumped them. More than 10 years after the September 11 attacks, the White House is still amassing extra security powers. On December 31, Obama signed the National Defence Authorisation Act.

This act allows the military, without judicial authorisation, to arrest and indefinitely detain anybody within American borders.

This power is quite an increase. Under the Bush administration, the military could legally arrest and detain people only in other countries.

American citizens were protected by an 1878 act banning domestic military deployment. Obama no longer observes this legal nicety.

And Obama has claimed the right to assassinate any American citizen he deems a terrorist threat, at any time, according to nothing but his judgment, anywhere in the world. As a former CIA chief recently pointed out, while the President needs a court order to eavesdrop on Americans abroad, he does not need a court order to kill them.

There’s more. George Bush’s once-controversial covert surveillance program has dramatically expanded under Obama. The President’s emergency powers have been boosted. An executive order Obama signed in March (number 13603) grants more to the president in an emergency than any order yet, allowing the government to take over all food, transport, water, energy and health resources and, if the President wants it, to reintroduce conscription.

Executive orders are used to bypass the usual checks and balances in Congress and the courts. As the Cato Institute’s Jim Powell pointed out last month, there is nothing in order 13603 about protecting constitutional rights.

No wonder the director of the American Civil Liberties Union is “disgusted” by the Obama administration’s record. Sure, Obama has withdrawn troops from Iraq. Mission accomplished, as they say. But, on the other hand, he has also personally pioneered an entirely new, more enduring form of global warfare. Drone attacks will remain long after the wars in Iraq and Afghanistan have faded into historical memory.

Because drone war is permanent war. It is limited by nothing more than the whims of the president. It is the first war run entirely by the CIA. It is conducted on the territory of countries to which America is not formally hostile. And it took until February for the administration to even admit the drone war existed.

George Bush’s wars of liberation, right or wrong, had their precedents. Barack Obama’s never-ending global bombing campaign by remote control is his innovation.

It’s a fair bet that no administration will ever shut down the drone program. A competent intelligence agency can always find new threats for a bombing into the Stone Age. So if we simply apply the criteria the left used to condemn Bush as one of the worst presidents in history, there is no ambiguity. Obama is far worse again. Not that you would know about it.

Partisanship has a habit of excusing anything, with 77 per cent of those who describe themselves as left-wing Democrats wholeheartedly approving of Obama’s drone program. Imagine if a Republican did the same thing. There would be anti-drone marches in Washington and candlelight vigils in Paris and Berlin. Now the left is more interested in complaining that Republicans are sceptical about climate change. They ignore, excuse, even – according to the polls – defend their President’s abominable record on war and individual rights. Because he isn’t a Republican.

Internet Laws A Sledgehammer Approach To Privacy

Legislators with little knowledge of internet privacy will do more harm than good.

The protest against the American Stop Online Piracy Act recently, where Wikipedia and 7000 other websites went dark for 24 hours, made two things plain.

First, online activism can be effective. Before the protest, 31 members of Congress opposed the act. After the protest, that number swelled to 122. The bill died overnight.

More importantly, the protest emphasised that the internet is not the Wild West. Domestic laws and international treaties pervade everything we do online. And bad laws can cause profound damage.

The Stop Online Piracy Act (SOPA) is an example of legislative over-reach. SOPA would have given the US government broad powers to shut down access to foreign sites that were suspected of hosting material that breached copyright. This would have given governments the power to interfere with the internal workings of the internet. Such a power would have been an unconscionable threat to free speech.

Yet SOPA is not alone. The internet is surprisingly vulnerable to laws that, with good intentions or bad, have the potential to stifle online liberties. Take for instance, the European Union’s proposed ”right to be forgotten”. Changes to data protection laws now being considered by the European Parliament would give internet users the power to force websites to delete information about them.

There would be privacy benefits from this law. No question it would be lovely if we could make websites remove embarrassing photos or uncomfortable facts years after we uploaded them.

And yes, we need to keep pressure on social networks to protect our privacy. Too many companies are reckless with user data. Yet the EU’s plan goes way too far. A legislated ”right to be forgotten” would be, like SOPA, a threat to freedom of speech. These new rules would, according to the American legal scholar Jane Yakowitz, ”give EU residents an unprecedented inalienable right to control and delete facts that were once voluntarily communicated”.

In the age of social media we all happily put information about ourselves in the public domain. A right to be forgotten is actually an obligation for others to forget things they’ve been told.

Apart from being unworkable (erasing stuff from the internet is a lot more complicated than politicians seem to believe), this new obligation would envelop the internet in a legal quagmire.

The law would turn every internet user into a potential censor, with a veto over everything they’ve ever revealed about themselves. Every time media organisations referred to freely obtained information, they would have to be sure they could prove they did so for a ”legitimate” news purpose. This would create enormous difficulties for journalism. Censorship to protect privacy is just as dangerous as censorship to prevent piracy.

But unlike SOPA, there has been no outcry about these new rules. No blackout of popular websites, no mass petitions.

SOPA was driven by American politicians in the thrall of an unpopular copyright lobby. The European data protection rules are being driven by social democrats claiming to protect people’s privacy. And, in 2012, privacy is a value that many people claim to rate above all others.

By contrast, free speech seems daggy and unpopular. Even our self-styled civil liberties groups have downgraded their support for freedom of speech. Now other rights – privacy is one, the right not to be offended is another – are seen as more important. So these new laws could slip through with disastrous consequences.

Should Australians care what the European Parliament does? Absolutely. The big internet firms are global. If a legislature in one country or continent changes the rules of the game, those firms have to comply. The easiest way to comply is by making global policy changes, not regional ones.

And regulations introduced overseas have a habit of eventually being introduced in Australia. Already our privacy activists are talking up the EU scheme.

Whatever the EU decides about a right to be forgotten, it will have significant effects on the online services we use in Victoria.

Free speech isn’t the only problem with the EU’s proposed privacy laws. As Jane Yakowitz points out, people trade information with corporations all the time – for discounts or access to free services. No one compels us to share stuff on the internet. We share because we think we’ll get something out of it. The new right to be forgotten would make such trades virtually impossible. It could cripple the information economy overnight.

Governments have always struggled to legislate for the online world. Not only do politicians have little understanding of the technological issues, but the internet doesn’t take very well to regulation: according to one old tech saying, ”the net interprets censorship as damage, and routes around it”. So legislators over-compensate.

The internet is complex, borderless and dynamic. Laws are inflexible and heavy-handed. Too many attempts to protect privacy or combat copyright infringement take a brickbat to freedom of expression and internet liberties.