EmailDiscussions.com

EmailDiscussions.com (http://www.emaildiscussions.com/index.php)
-   FastMail Forum (http://www.emaildiscussions.com/forumdisplay.php?f=27)
-   -   Stunningly bad privacy law just passed in Australia - what does it mean for FastMail? (http://www.emaildiscussions.com/showthread.php?t=74082)

ioneja 7 Dec 2018 10:57 PM

Stunningly bad privacy law just passed in Australia - what does it mean for FastMail?
 
So a remarkably short-sighted, overreachingly invasive -- and some are calling it "dangerous" and "disastrous" -- privacy/encryption law just passed in Australia, and I am very interested in what it might mean for FastMail? Not to mention the ramifications and direction for the rest of the Five Eyes countries, the whole industry, and frankly the entire Internet.

I'm hoping FM will post something soon about it, as it has when other similar things have come up in the past. Although, this has to be the very worst of this kind of legislation I've seen from a democratic country.

I can't even begin to express the myriad of issues this presents... better to leave it to the press to explain in case you've missed it:

Australian Government Passes Contentious Encryption Law
https://www.nytimes.com/2018/12/06/w...ill-nauru.html

Australia passes controversial anti-encryption law that could weaken privacy globally
https://www.theverge.com/2018/12/7/1...-global-impact

Australia's 'Disastrous' New Encryption Law Throws Privacy on the Barbie
https://breakermag.com/australias-di...on-the-barbie/

Google, Apple, Facebook face world-first encryption laws in Australia
https://www.cnet.com/news/australia-...-apple-amazon/

Tech companies slam new Australian law allowing police to spy on smartphones
https://www.cnn.com/2018/12/07/tech/...ntl/index.html

Controversial anti-encryption laws rushed through by Australian Government
https://www.techradar.com/uk/news/co...ian-government

petergh 8 Dec 2018 02:24 AM

They wrote about it on their blog in September:

https://fastmail.blog/2018/09/10/acc...sistance-bill/

Nicola Nye, their chief of staff, vented her frustration on Twitter:

https://twitter.com/impishfae/status...37538632736768

You'll find more official replies from Fastmail on Twitter, just search for #aabill or @Fastmail to go through all the responses to questions from various customers.

I'm sure they'll write up something on the blog in due course.

Edit:

This tweet confirms my assumptions above: https://twitter.com/FastMail/status/1071092471352958977

"Hello! As we blogged in September, we don’t think it affects FastMail services. We will carefully look at the final state in which the bill was passed (including amendments) and issue an update when we've had a chance to get advice."

FredOnline 21 Dec 2018 05:01 PM

Advocating for privacy in Australia
 
@FastMail on Twitter today:

Quote:

Our updated response to the #aabill in Australia, including what it means for services using encryption, our criticisms of the law, and why our service is still not affected.
https://fastmail.blog/2018/12/21/adv...ill-australia/

dipole 21 Dec 2018 09:38 PM

I'm not sure saying that you already bend over backwards to assist law enforcement so you are not affected by this bill is making anyone feel any better.

I hate to say it but after 8 years I'm finally moving on and cancelling. I really enjoy the service but you will be affected by this law and to saying that you are not is just just splitting hairs. Australia is going down a dangerous road and I can't see why anyone would trust their privacy with any company in that country.

dipole 21 Dec 2018 09:39 PM

I'm not sure saying that you already bend over backwards to assist law enforcement so you are not affected by this bill is making anyone feel any better.

I hate to say it but after 8 years I'm finally moving on and cancelling. I really enjoy the service but you will be affected by this law and to saying that you are not is just just splitting hairs. Australia is going down a dangerous road and I can't see why anyone would trust their privacy with any company in that country, or any 5 eyes country for that matter.

Terry 22 Dec 2018 06:47 AM

Quote:

Originally Posted by dipole (Post 608625)
Australia is going down a dangerous road and I can't see why anyone would trust their privacy with any company in that country, or any 5 eyes country for that matter.

Sorry but I disagree, its ISS,, drug and money laundering related and really has nothing to do with the average user.

If you have something to hide then yes I can understand that you will be cancelling your service....:D:D:D

communicant 23 Dec 2018 12:04 AM

Quote:

Originally Posted by Terry (Post 608630)
If you have something to hide then yes I can understand that you will be cancelling your service....:D:D:D

It is depressing to see the tired old "I have nothing to hide" argument crop up again. There are so many good counter-arguments and illustrative and persuasive examples that it should hardly be necessary to trot them out again, but at every new blow against even the principle of basic privacy, someone is sure to pipe up and say "Why should I worry? Nobody who has nothing to hide should worry about this."

My usual tack with such thoughtless declarations is to ask people if they talk differently to family members or close friends when they know they will be overheard, as in a lift (elevator) or small restaurant, as opposed to how they would speak to the same people when alone and unheard by others. Most people would say yes, of course they do.

If you knew that all of your email was presumptively available to strangers to read, to your boss or to the govenment, wouldn't you write some things differently and omit writing other things completely, even if they were reasonably innocent and not obviously "something to hide"? Of course, unfortunately, as a practical matter that is technically already the case, considering the ubiquity of hackers, your ISP's abilities, the inexorably feckless Facebook's latest outrage, and government surveillance capabilities. Some measure of vulnerability must be assumed, but unless you are specifically targeted for some reason, it is unlikely that your messages will be read. They might be scanned by a computer for commercial purposes, but while that is certainly not desirable, neither does it conjure up memories of East Germany and the Stasi the way the Australian law does.

Just because your body lacks overtly hideous blemishes or other deficiencies that trouble or embarrass you and make you feel like the Elephant Man, would you strip naked and submit to being seen by strangers who have no clear need or entitlement to see you in that state? Unless we were clinical exhibitionists, most of us would not, even if we thought fairly well of our naked selves.

Here's a summary by the people at DuckDuckGo that summarizes the situation fairly well:

_________________________________________________________
Three Reasons Why the "Nothing to Hide" Argument is Flawed
FILED UNDER OPINION ON 27 JUN 2018
Over the years, we at DuckDuckGo have often heard a flawed counter-argument to online privacy: “Why should I care? I have nothing to hide.”
As Internet privacy has become more mainstream, this argument is rightfully fading away. However, it’s still floating around and so we wanted to take a moment to explain three key reasons why it's flawed.
1) Privacy isn’t about hiding information; privacy is about protecting information, and surely you have information that you’d like to protect.
Do you close the door when you go to the bathroom? Would you give your bank account information to anyone? Do you want all your search and browsing history made public? Of course not.

Simply put, everyone wants to keep certain things private and you can easily illustrate that by asking people to let you make all their emails, texts, searches, financial information, medical information, etc. public. Very few people will say yes.

2) Privacy is a fundamental right and you don't need to prove the necessity of fundamental rights to anyone.

You should have the right to free speech even if you feel you have nothing important to say right now. You should have the right to assemble even if you feel you have nothing to protest right now. These should be fundamental rights just like the right to privacy.

And for good reason. Think of commonplace scenarios in which privacy is crucial and desirable like intimate conversations, medical procedures, and voting. We change our behavior when we're being watched, which is made obvious when voting; hence, an argument can be made that privacy in voting underpins democracy.

3) Lack of privacy creates significant harms that everyone wants to avoid.
You need privacy to avoid unfortunately common threats like identity theft, manipulation through ads, discrimination based on your personal information, harassment, the filter bubble, and many other real harms that arise from invasions of privacy.

In addition, what many people don’t realize is that several small pieces of your personal data can be put together to reveal much more about you than you would think is possible. For example, an analysis conducted by MIT researchers found that “just four fairly vague pieces of information — the dates and locations of four purchases — are enough to identify 90 percent of the people in a data set recording three months of credit-card transactions by 1.1 million users.”

It’s critical to remember that privacy isn't just about protecting a single and seemingly insignificant piece of personal data, which is often what people think about when they say, “I have nothing to hide.” For example, some may say they don't mind if a company knows their email address while others might say they don't care if a company knows where they shop online.

However, these small pieces of personal data are increasingly aggregated by advertising platforms like Google and Facebook to form a more complete picture of who you are, what you do, where you go, and with whom you spend time. And those large data profiles can then lead much more easily to significant privacy harms. If that feels creepy, it’s because it is.

We can't stress enough that your privacy shouldn’t be taken for granted. The ‘I have nothing to hide’ response does just that, implying that government and corporate surveillance should be acceptable as the default.

Privacy should be the default.
__________________________________________

janusz 23 Dec 2018 12:48 AM

Quote:

Originally Posted by communicant (Post 608637)
Privacy should be the default.

How do you square privacy with a request from a law enforcement officer supported by a regulation paperwork?

BritTim 23 Dec 2018 02:08 AM

Quote:

Originally Posted by janusz (Post 608638)
How do you square privacy with a request from a law enforcement officer supported by a regulation paperwork?

This is a good question. In certain countries, I would 100% not be comfortable with law enforcement having automatic access to my email history. I would make every effort to ensure my email was not being stored in such a jurisdiction. In a country like Australia, the US or the UK, I do not think the current risks are huge. However, it is not impossible that governments will appear in those countries which could grossly abuse subpoena power. Other things being equal, a country with better privacy protection would be preferable.

Terry 23 Dec 2018 09:24 AM

Why do people worry so much about the privacy laws, they are only implemented when someone has broken the law.

.

Terry 23 Dec 2018 10:48 AM

Quote:

Originally Posted by communicant (Post 608637)

Privacy should be the default.

If you use gmail or facebook then you have no privacy.

As I pointed out the only access your data if a crime has been committed.

communicant 23 Dec 2018 07:59 PM

Quote:

Originally Posted by Terry (Post 608643)
Why do people worry so much about the privacy laws, they are only implemented when someone has broken the law.

It is that kind of thinking that makes the effect of the laws even worse. At best, you meant to write "When someone *is suspected* of having broken the law." What it usually comes down to is "when a crime has been committed (or the authorities think one has, or would like to classify something that has happened as a crime), and are on a fishing expedition to find someone who fits the profile of someone who may colorably be accused of having committed it." Then a trial takes place. If it is a fair trial and the person is found guilty, THEN you can write "when someone has broken the law," and not a moment sooner. Or do you dismiss the principle of "innocent until proven guilty"?

I find your statement chilling.

JeremyNicoll 23 Dec 2018 08:05 PM

Quote:

Originally Posted by Terry (Post 608644)

As I pointed out the only access your data if a crime has been committed.

If everyone could be sure that that was so, it might not be so bad. But just because, say, a judge must rule to allow such access, doesn't mean that all judges will in fact apply rigorous standards to deciding whether something should be allowed. Nor can you be sure that a vague request to an ISP for data will first be tightened up so that only the least amount of data has to be revealed.

There is a problem too when legislation intended for one thing is used for something else, eg

http://news.bbc.co.uk/1/hi/uk_politics/8003123.stm

and more recently

https://www.theguardian.com/world/20...-spy-on-public

davy51 24 Dec 2018 05:25 AM

Quote:

Originally Posted by communicant (Post 608637)
It is depressing to see the tired old "I have nothing to hide" argument crop up again. There are so many good counter-arguments and illustrative and persuasive examples that it should hardly be necessary to trot them out again, but at every new blow against even the principle of basic privacy, someone is sure to pipe up and say "Why should I worry? Nobody who has nothing to hide should worry about this."

My usual tack with such thoughtless declarations is to ask people if they talk differently to family members or close friends when they know they will be overheard, as in a lift (elevator) or small restaurant, as opposed to how they would speak to the same people when alone and unheard by others. Most people would say yes, of course they do.

If you knew that all of your email was presumptively available to strangers to read, to your boss or to the govenment, wouldn't you write some things differently and omit writing other things completely, even if they were reasonably innocent and not obviously "something to hide"? Of course, unfortunately, as a practical matter that is technically already the case, considering the ubiquity of hackers, your ISP's abilities, the inexorably feckless Facebook's latest outrage, and government surveillance capabilities. Some measure of vulnerability must be assumed, but unless you are specifically targeted for some reason, it is unlikely that your messages will be read. They might be scanned by a computer for commercial purposes, but while that is certainly not desirable, neither does it conjure up memories of East Germany and the Stasi the way the Australian law does.

Just because your body lacks overtly hideous blemishes or other deficiencies that trouble or embarrass you and make you feel like the Elephant Man, would you strip naked and submit to being seen by strangers who have no clear need or entitlement to see you in that state? Unless we were clinical exhibitionists, most of us would not, even if we thought fairly well of our naked selves.

Here's a summary by the people at DuckDuckGo that summarizes the situation fairly well:

_________________________________________________________
Three Reasons Why the "Nothing to Hide" Argument is Flawed
FILED UNDER OPINION ON 27 JUN 2018
Over the years, we at DuckDuckGo have often heard a flawed counter-argument to online privacy: “Why should I care? I have nothing to hide.”
As Internet privacy has become more mainstream, this argument is rightfully fading away. However, it’s still floating around and so we wanted to take a moment to explain three key reasons why it's flawed.
1) Privacy isn’t about hiding information; privacy is about protecting information, and surely you have information that you’d like to protect.
Do you close the door when you go to the bathroom? Would you give your bank account information to anyone? Do you want all your search and browsing history made public? Of course not.

Simply put, everyone wants to keep certain things private and you can easily illustrate that by asking people to let you make all their emails, texts, searches, financial information, medical information, etc. public. Very few people will say yes.

2) Privacy is a fundamental right and you don't need to prove the necessity of fundamental rights to anyone.

You should have the right to free speech even if you feel you have nothing important to say right now. You should have the right to assemble even if you feel you have nothing to protest right now. These should be fundamental rights just like the right to privacy.

And for good reason. Think of commonplace scenarios in which privacy is crucial and desirable like intimate conversations, medical procedures, and voting. We change our behavior when we're being watched, which is made obvious when voting; hence, an argument can be made that privacy in voting underpins democracy.

3) Lack of privacy creates significant harms that everyone wants to avoid.
You need privacy to avoid unfortunately common threats like identity theft, manipulation through ads, discrimination based on your personal information, harassment, the filter bubble, and many other real harms that arise from invasions of privacy.

In addition, what many people don’t realize is that several small pieces of your personal data can be put together to reveal much more about you than you would think is possible. For example, an analysis conducted by MIT researchers found that “just four fairly vague pieces of information — the dates and locations of four purchases — are enough to identify 90 percent of the people in a data set recording three months of credit-card transactions by 1.1 million users.”

It’s critical to remember that privacy isn't just about protecting a single and seemingly insignificant piece of personal data, which is often what people think about when they say, “I have nothing to hide.” For example, some may say they don't mind if a company knows their email address while others might say they don't care if a company knows where they shop online.

However, these small pieces of personal data are increasingly aggregated by advertising platforms like Google and Facebook to form a more complete picture of who you are, what you do, where you go, and with whom you spend time. And those large data profiles can then lead much more easily to significant privacy harms. If that feels creepy, it’s because it is.

We can't stress enough that your privacy shouldn’t be taken for granted. The ‘I have nothing to hide’ response does just that, implying that government and corporate surveillance should be acceptable as the default.

Privacy should be the default.
__________________________________________



You are 100% right

Just remember Hitler would have love this law:mad:

janusz 24 Dec 2018 05:53 AM

I see no reason why internet-based information should be treated differently ("more privately") than any other sort of data. Law enforcement agents may, in certain circumstances, see your bank account, read documents you store at home, or ask you to empty your pockets. And obviously (and unfortunately) sometimes these actions are taken against innocent people.

So wake up in the real world.


All times are GMT +9. The time now is 05:51 PM.


Copyright EmailDiscussions.com 1998-2022. All Rights Reserved. Privacy Policy