Tuesday, July 17, 2012

I Am Having A Bad Case Of Cognitive Dissonance With This - The Government Can’t Have It Both Ways.

In the last few days there have been a number of articles on the Government’s desire to access historical web and phone data.

Government defends web spy powers

Date: July 13, 2012

Dylan Welch and Ben Grubb

THE Gillard government has defended a plan to force telcos to store the internet and phone data of all Australians for up to two years, saying it is needed to allow our intelligence and police agencies to effectively target organised criminals and terrorists.
''In this day and age, an age where governments all around the world are grappling with the challenges of terrorism and organised crime, it is important that our relevant agencies have access to the information that they need,'' the assistant Treasurer, David Bradbury, said.
The Coalition, however, has refused to throw its support behind the controversial data-retention scheme, with its legal spokesman, George Brandis, who also sits on the committee reviewing the proposal, only saying he would ''examine the issues carefully''.
His response was sparked by a Fairfax Media report, which stated the scheme was being considered as part of a review of national security legislation by a parliamentary committee.
More here:
At the same time we have an enormous song a dance about how secure and private information flowing back and forth to our NEHRS / PCEHR record is going to be.
While opinions vary there are certainly some experts who are already a little concerned about the general security of the system.
See here for example.

E-health record will be hacked, says AusCERT

Written by Nayantara Mallya, Chillibreeze on Monday, March 12, 2012 10:18
news One of Australia’s top IT security organisations has warned that the Federal Government’s flagship e-health records project is likely to be broken into, with Australians’ medical and identity information to be used for fraud and other criminal activities.
AusCERT, Australia’s Computer Emergency Response Team, which is not associated with the Government, in its submission to an inquiry about the legislation dated in January (PDF), criticised the Government’s Personally Controlled Electronic Health Records (PCEHR) Bill (2011). In its commitment to protecting the privacy and security of Australian Internet users, AusCERT has expressed concern that miscreants could potentially use the PCEHR for identity theft and fraud. The submission was first reported by the AustralianIT.
AusCERT opines that enabling accessibility to personal identifying information in the form of the PCEHR from personal computers over the Internet will only worsen an ongoing problem that will make Australians vulnerable to fraud and identity theft. The submission focuses on the use of untrustworthy end point computers and mobile devices, which when compromised, will enable attackers exert full control over the PCEHR to look at or change its contents with the same privileges as the owner or authorised users.
Vastly more detail here:
So what we have here is the following.
1. The Government wants to be able to get at and track any internet activity we have undertaken in the last 2 years.
2. The PCEHR is claimed to be secure but some are not so sure.
3. You are going to be using the Government ‘hackable’ internet to send your private personal information to and from the PCEHR.
Whether you are comfortable with all this depends on your view about whether ‘the Government is always here to help’ or not. For mine, I would be carefully considering before putting any information in the NEHRS / PCEHR that I seriously wanted to remain private.
As always it is your call, but I just wonder how the claims of great security and a desire from Government to be a legal ‘hacker’ when it feels it needs to be, actually gel together.