Connect with us


Clean Energy Regulator, WA Mines Department, and Vet Surgeons Board trying to access metadata: Comms Alliance



(Image: Getty Images/iStockphoto)

Agencies trying to access metadata when not specifically listed as an enforcement agency for the purposes of Australia’s data retention regime has been labelled as a “serious and persistent phenomenon” by the Communications Alliance industry group.

Writing in a submission to the Parliamentary Joint Committee on Intelligence and Security (PJCIS) review of the mandatory data retention regime, Comms Alliance said it was a “problem that continues to grow in magnitude”.

Comms Alliance provided a list of 27 agencies to be added to the list of agencies it disclosed in November.

Those agencies are:

  1. Australian Communications and Media Authority (ACMA)
  2. ASIC WA
  3. Australian Building & Construction Commission
  4. Australian Sports Anti-Doping Authority
  5. Australian Transport Safety Bureau
  6. Clean Energy Regulator
  7. Coroners via NT Police
  8. Coroners via Tas Police
  9. State Coroner’s Court
  10. WA Department of Mines, Industry Regulation & Safety
  11. SA Department of Consumer and Business Services
  12. Health Support Queensland
  13. Hunter Region Illegal Dumping Squad
  14. Legal Services Commission
  15. Liverpool City Council
  16. Local Government Investigations and Compliance Inspectorate (Vic.)
  17. National Disability Insurance Agency
  18. NT Office of Information and Public Interest Disclosures
  19. Office of the Health Ombudsman (Qld)
  20. Queensland Office of Industrial Relations
  21. Report Illegal Dumping (NSW)
  22. SafeWork NSW
  23. State Penalties Enforcement Registry (Qld)
  24. Veterinary Surgeons Board of WA
  25. Victorian Building Authority
  26. Victorian Fisheries
  27. Victorian Ombudsman

The submission added that even some of the agencies that are not enforcement agencies are able to gain data, but they are not able to interpret the metadata.

“They then take up more of the CSPs’ time to explain the data, then sometimes also call on CSPs [carriage service provider] to appear in court on relatively minor issues as expert technical witnesses,” the submission said.

Read: Optus gained exemption to store metadata unencrypted

“These additional impositions on the time and resources of CSPs also, of course, go unreimbursed.”

The industry group is calling for the closure of the loophole that allows agencies to use existing powers outside of the data retention act to access metadata.

When the metadata laws were passed, access was reduced to 21 enforcement agencies. However, subsequently, 61 agencies that previously had access to metadata were looked to be declared as enforcement agencies.

As reported previously by ZDNet, the Attorney-General’s Department had previously been advising agencies and departments to attempt to access metadata through other means.

“On advice from the Attorney-General’s Department, the department has considered other methods of obtaining metadata using statutory coercive powers under portfolio legislation, and by engaging the Australian Federal Police (AFP) to obtain metadata,” the Department of Agriculture and Water Resources wrote a letter dated June 10, 2016, and published on RightToKnow.

“The department has received preliminary legal advice as to the merits of using coercive powers, which suggests that the approach is problematic due to the construction of portfolio legislation.

“Advice received from the AFP indicates that it does not have the resourcing, compliance, or risk considerations to obtain metadata on behalf of other agencies, including the department.”

The Comms Alliance said 94% of all metadata requests were made for data less than a year old, with 79% for data less than 3 months old.

“This demonstrates that the approach taken by the Australian government when drafting (and passing into law) the DR [data retention] regime was unnecessarily wide,” it said.

“While significant investments into storage capabilities have already been made, Industry considers that a shorter retention period would be more appropriate, also with view to a potential increase in telecommunications data that may be generated as technologies evolve.”

See also: Home Affairs floats making telcos retain MAC addresses and port numbers

The industry group said due to the “very wide” definitions in the legislation, it is possible that machine-to-machine communication would be included, and this would lead to “exorbitant costs” for carriers due to the “explosion” in data with Internet of Things devices.

“The legislation ought to put beyond doubt that such communications are excluded from the DR Regime,” it said.

In earlier submissions, enforcement agencies said they were happy with the two-year period, but in an ideal world like, they would like to see it be extended to a longer period.

“It will be many years before the telecommunications data which is presently still retained by telecommunications providers, outlives its usefulness to law enforcement,” the Australian Commission for Law Enforcement Integrity said.

“The dangers of mandating a minimum retention period include the possibility that telecommunications providers, which presently retain more data than is required under the regime, will eventually, and perhaps sooner rather than later, reduce their holdings, and that all providers will treat the minimum as a maximum.”

Meanwhile, Optus confessed it received an exemption to keep its legacy systems free from encryption when complying with its data retention obligations.

“The legislative provisions which allow for certain exemptions to be granted were an important factor in Optus achieving compliance in an efficient and timely manner,” Optus said.

“Because part of its overall data retention architecture involved storing some data in legacy systems, Optus applied for and received limited exemption from the encryption obligation.”

The telco said there had been no reported “security incident or breaches” related to the retained data.

Home Affairs also ran the line that everything was fine with the data retention regime because no breaches had been reported.

“The evidence to date supports that the existing data security arrangement have been effective,” the department overseen by Peter Dutton said.

Home Affairs, meanwhile, also floated the idea of extending the retained data set to include MAC addresses and even port numbers.

“Including media access control (MAC) addresses and devices which identify serials would provide better information as to which device was being used at the time of an offence,” the department said.

“MAC data is not currently retained under the Data Retention Act, but is a form of data that will become increasingly important to law enforcement and intelligence agencies. Where providers do retain this information, it is a significant investigative tool.”

The department at the same time put forward the idea of tracking port numbers used by mobile devices.

Related Coverage

Home Affairs floats making telcos retain MAC addresses and port numbers

Soon it might just be easier for Australia’s telcos to keep a copy of every TCP or UDP header for the cops to poke through.

Optus gained exemption to store metadata unencrypted

Use of legacy applications allow Optus to seek an exemption from the rules.

Australian enforcement agencies angling for metadata review on telco cost recovery

Agencies are very happy with Australia’s data retention scheme, with one using it in 90% of investigations.

Local councils and taxi commission continued to seek telco metadata: Comms Alliance

The Communications Alliance has detailed a list of agencies that tried to access telco metadata following the introduction of Australia’s metadata retention regime.

Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *


This Bugatti Divo Lady Bug’s geometric paint job is truly one-of-a-kind



The Bugatti Divo is a Chiron for the racetrack, but this Lady Bug version with its diamond-shaped fading patterns is best appreciated while the car is stationary. As if the Divo is not outrageous enough, one lucky customer in America wants to push the boundaries further. And as expected, Bugatti pulled it off, although it took quite a while to iron the challenges of creating an exclusive, one-off Lady Bug paint job.

“Every Bugatti Divo is one of a kind. With the custom-made ‘Lady Bug,’ Bugatti has demonstrated the full range of its customization expertise,” said Stephan Winkelmann, President of Bugatti. The car really demonstrates what the marque is capable of in terms of creativity and craftsmanship.”

Creating Lady Bug’s geometric-dynamic algorithmic fading pattern seems easy on paper. Given the Divo’s three-dimensional sculpted body, the 2D digital patterns became distorted upon application to the car’s body, which is not good enough if you’re paying upwards of $5-million for a track-ready version of the Bugatti Chiron.

“The Lady Bug was an exceptional challenge and, at the same time, an unforgettable experience. Due to the nature of the project, where a 2D graphic was applied to a 3D sculpture, we were close to giving up,” said Jörg Grumer, Head of Color & Trim at Bugatti Design. “However, it is our profound conviction that we should never give up and that our foremost motivation should always be to make the impossible possible for the customer.”

The entire project took two years to complete as Bugatti CAD modelers simulated and created a diamond pattern design with around 1,600 individual diamonds in six-meter long transfer films. Each diamond (yes, all 1,600 of them) is checked and realigned in the body to rule out any distortions.

The designers spent countless hours rehearsing the application procedure on two test vehicles before the moment of truth.

“Every maneuver had to be exactly right in this painstaking task; therefore, we decided to do another rehearsal before the final stage of work. Because there could only be one attempt on the customer’s car, and that had to be perfect,” said Dirk Hinze, an expert in customization and surfaces at Bugatti.

The final step is applying the paint finish before painstakingly peeling away each diamond. The base color, Customer Special Red, is contrasted with graphite and clear coat to invert the pattern. According to Bugatti, it took the paintwork artist two weeks to sand, smooth, check, retouch, and re-sand every millimeter of the body surface.

The result is a one-of-a-kind Bugatti Divo Lady Bug, the only one in existence. It has a standard 8.0-liter W16 engine pumping out 1,479 horsepower. Since the Divo weighs less and has more downforce than a regular Chiron, it goes around the Nardo handling circuit a full eight seconds faster than the former.

Continue Reading


Hot Wheels Red Line Club vehicles no longer limited to members



In the year 2021, the Hot Wheels Collectors Club will expand with a digital option for memberships. With said membership, Hot Wheels will release the 2021 Red Line Club ’70 Boss 302 Mustang. This year’s Hot Wheels Red Line Club die-cast car will be the first to be offered without the membership limit, allowing “a more inclusive opportunity for fans 18+ to join the collector community and have access to the highest-quality cars.”

The Hot Wheels Red Line Club vehicles released over the past few years have become relatively sought-after and valuable – so long as they’ve been kept in good condition and are put up for auction and/or direct sale at the right time. In any case, Hot Wheels Red Line Club vehicles are some of the most extravagant collectable items released by Hot Wheels.

Hot Wheels Red Line Club vehicles released in the past were only initially made available to “a limited number of Hot Wheels Collectors members.” Now they’re expanding availability. “For the first time ever, Hot Wheels Collectors will lift its membership limit completely” for hot Wheels Red Line Club die-cast vehicles.

Of course there are still OTHER reasons why a person might want to join the Hot Wheels Collectors Club, like members-only forums, voting privileges, “exclusive content” and “excusive items.” Members also get “priority access to sales.” Take a peek at the Hot Wheels Collectors membership page to see what’s up with perks and the Red Line Club vehicle(s) coming next.

Does this lifting of restrictions on the Red Line Club car line affect you or your outlook on the vehicle line as a whole? Take a peek at the timeline below for more information on other recent Hot Wheels releases and stories from recent weeks on the state of Hot Wheels in our larger-sized world today.

Continue Reading


Lunaz adds classic Bentleys to its lineup of electrified British cars



British electric-conversion specialist Lunaz adds classic Bentleys to its lineup after dabbling with electric versions of vintage Rolls-Royces, Jaguars, and Range Rovers. Lunaz claims its 1962 Bentley S2 Continental Flying Spur is the “definitive Gran Turismo” and is the world’s first electric classic Bentley.

It starts with factory original and coach-built bodies of a Bentley Continental S1, S2, or S3 manufactured from 1955 to 1965, in a coupe and four-door Flying Spur body style. Visually, Lunaz has retained all the classic lines and creases of the original body, hammered and carved to perfection by Mulliner Park Ward. The only visual mod is the paint, custom-chosen by the buyer, of course.

Underneath that gorgeous body, though, is a different story. All the vintage bits and pieces are giving way to modern components. You won’t find a 6.2-liter V8 Bentley engine under the hood, and all the suspension and brake parts are new. Lunaz failed to discuss the powertrain specifics, but we’re assuming the Bentley will carry the same electric drivetrain as the firm’s very own electric Rolls-Royce Phantom V and Silver Cloud.

Powering the electric motors is a 120 kWh battery pack with enough energy to cover 300 miles of range. It also has modest oomph to push the Bentley from zero to 60 mph in under five seconds, not bad for an unassertive vintage British car.

Meanwhile, the interior is as British as a cup of tea. All the leather and walnut trim are there, with each piece carefully hand-restored to match the original. Lunaz also gave its classic Bentley a new retro-style infotainment screen and climate control system. Also, electric power steering is now standard.

After building its first customer car, Lunaz is now accepting orders for its limited run of electrified S1, S2, and S3 Bentley Continental variants. And as expected, the sub-$500k (£350,000) base price is sure to leave a gaping hole in your bank account. Nobody said a vintage electric Bentley would come cheap, right? Also, the build slots are ‘extremely limited,’ so better act quickly.

Lunaz Bentley Continental Gallery

Continue Reading