Australian Metadata Retention Law: #timeforVPN

About two years ago, Parliament of Australia passed a metadata retention law as one of the attempts to fight against terrorism. According to it, Internet Service Providers and telecommunication companies have to log online activities of their users. What does this mean for Australians? Well, the answer might not be as pleasing as one could expect.

Since April 13, 2017, this law has come into effect allowing ISPs and telcos to collect users’ metadata and store it for two years; making it possible for law enforcement and intelligent agencies to have the access to it.

Now, this third party has the legal right to capture and retain for quite a long period of time the information about who you call and when and from what location you do this; the same goes for emails and other ways of communication. Every single time you are online – you get recorded. But one should note that ISPs and telcos don’t collect the content of your calls, messages, emails and so on. They just get the general info about the history of your communication: time, duration, location, who you contact (names, addresses, phone numbers) etc. Basically, the metadata is the data on another data. So it provides the information that can lead to revealing more sensitive information. And this can be highly crucial when we talk about virtual privacy and safety.

Is the retained metadata really safe? Or is there a way it can get leaked?

For service providers, it may be quite expensive to encrypt the personal data and have it stored in a safe environment. That’s why there are risks that metadata of millions of citizens in Australia can be hacked or accessed by unauthorized parties.

And we have the first proof. The first breach. Not to mention, it has been only 2 weeks after the mandatory law came into force. Is it already a failure of the system?

On April, 28th Australian Federal Police (AFP) revealed that one of their police officers obtained access to the personal data of a journalist without following the new metadata retention law. AFP Commissioner Andrew Colvin told that their officer got records on phone calls of the journalist without a proper warrant. Also, he added that once they found out about the breach they immediately stopped the investigation of that case.

What can Australian users do to protect their personal data?

Below is presented the statistics on Google searches of the last 30 days. Obviously, people from Australia have started to seriously think about getting a VPN.

AU Google searches for VPN

Of course, Virtual Private Networks can come into rescue in times like these. Even a privacy group Digital Rights Watch (DRW) has launched a Twitter campaign called #GetaVPN. And April, 13th is marked now as Australia’s National Get a VPN Day.

With VPNs, any data exchanged on the internet will become invisible to 3rd parties. Internet traffic gets rerouted through tunnels where the data gets encrypted. Also, reliable VPN providers don’t keep logs on activities of their customers. Therefore they couldn’t reveal it even if requested by authorities. So, you can be sure about your digital safety and privacy. Moreover, there are lots of useful features that VPNs offer their users, so either way, you have a package of a good service, and on top of that you can avoid surveillance and enjoy being online.