The Metadata Retention measures being considered in Australia make some sweeping assumptions about the semantics of IP addresses and their association with individual subscribers to the Internet. But are these assumptions warranted? The exhaustion of the free pool of IPv4 addresses has prompted a new generation of Internet services that treat IP addresses as ephemeral shared conversation tokens, and retaining address use metadata in such an environment is an exercise in futility. The regulatory environment persists in treating the Internet in the same manner as the telephone network, and as a network-centric service utility, while the revolutionary change that the Internet bought to the communications environment was to reverse the roles of network and attached device, and form a device-centric model of communications. Unless our regulators can grasp the implications of this essential architectural change we will continue to see misplaced and ultimately futile regulatory measures imposed on the Internet, to the ultimate cost of the consumer.
This article examines aspects of the Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015. It shows how the law provides a tactical advantage to investigators who pursue whistleblowers and investigative journalists. The article exposes a discrepancy in the way ‘journalist’ is defined across different pieces of legislation. It argues that the explosion of data generated by the so-called Internet-of-Things (IoT) lead to a loss of user control which will enable non-stop, involuntary and ubiquitous monitoring of individuals.