[Note: this article has since been rewritten and updated with additional information. It can be read, here.]

After a quick discussion on Radio Australia regarding Nicola Roxon's support for Data Retention plans, it's worth listing some of the concerns and issues that came up. What follows is by no means an exhaustive or remotely-balanced discussion of all the issues - it raises the key technology and privacy-based concerns to help with further debate. This is important as few people are aware of the details beyond the primary claim that these laws are simply to fight crime and terrorism (that old chestnut). Here's why you should care even if you're the most law-abiding of people.

Firstly, it's worth pointing out that as soon as anything to do with technology or the internet starts getting banded about, large sections of the public start switching off. They can't relate to it. However, imagine this was a law that saw the police attaching a tracking chip to you so that they could track all of your movements around town and overseas and store them for two years at a time in case you (or someone you knew) were ever involved in a crime.

Now consider that people nowadays store more personal information online than they do in their house. Would you want the police or ASIO to stroll into your house without permission or whenever they wanted to because they thought you might be involved in a crime?

This brings us on to the next concern...

Being forced to hand over your private passwords

I never really thought of myself ever likely to spend time in a prison, but if not handing over passwords to private email or Facebook messages is to become a crime, then the potential for me going to jail one day has just risen significantly. I wouldn't do that on principle, ever. Now I find myself actively playing out scenarios involving me having to tell the police that I won't cooperate.

This is exacerbated by the next issue.

I'm a journalist and we are supposed to protect our sources.

There have been noises made with regards to journalists protecting sources for some time now, however, these laws potentially do away with any such requirement. As was just mentioned on the radio, it's normal for callers to call in anonymously and talk about potential criminal activity or blow whistles to raise awareness. However, the proposed legislation would allow police to track down that person regardless of a journalist's wishes. Even the thought of that happening should be enough to put whistle blowers off speaking out and that severely undermines one of the functions of the media.

Then there is the undermining of the Right To Remain Silent.

I suspect that many people think this right only applies to criminals. I did too. Right up to when I watched the following video. While it's US based the first part provides an incredibly compelling argument from a law professor on why you should never talk to police as the potential for damning yourself (guilty or not) is extraordinarily high. Throughout the talk he baits the next speaker who is a police officer (and hugely-experienced interrogator) on how interesting a counter argument will be only for that speaker to eruditely agree with everything the lawyer said. They are long but fascinating and well worth watching.

Another huge concern is security

The stored records, which would be vast in size, are supposedly to be kept by ISPs. These aren't companies trained in privacy issues or who are required to background-check employees - they're businesses who have naturally spoken out against having this storage burden dumped upon them at huge cost (a figure of $700m per year has been mooted with any figure most likely being passed on to the public). However, of enormous concern should be security.

Just last night Anonymous hacked an FBI operative's laptop (alarming in itself) and discovered full customer details and Unique Device Identifying numbers for some 12 million Apple products (what the FBI was doing with this information is another issue). The number of high-profile hacks on government and companies is growing all the time. Barely a month ago, hackers published reams of customer information from Australian ISP AAPT.

It's not like companies learn from being hacked either. After being repeatedly hacked last year and despite protestations on each occasion that it had learned from its mistakes, Sony got hacked yet again just a few days ago. Are we expecting ISPs to suddenly become military-grade privacy protectors? Even the military gets hacked - witness the Stratfor (US Defence contractor) debacle plus the entire Wikileaks saga.

Exposure

Now let's look at what could be done with that data. It's one thing to embarrass someone by exposing that they go to porn sites. What if it were discovered that they regularly visited BDSM sites? What if they were a member of an adult baby club? What if all of the websites they went to were for gay people? What if they were looking up Sexually Transmitted Infections? What if they were looking up HIV and AIDS treatment sites? What if medical insurance companies saw that someone had a pre-existing condition? What if someone was exposed frequenting websites of a particular political party? What if they frequently went to haveanaffair.com.au?

Roxon says that necessary safeguards will be taken to prevent this from happening. Let's be very clear about this, that is a meaningless promise that she has no ability to uphold. Nothing is secure online, and any claim otherwise is nothing more than rhetoric.

The body scanners lies and privacy fails

Finally, for now, it's worth pointing out that governments and law enforcement agencies aren't always the most trustworthy of people. A related example is the body scanners furore. Here, the latest generation of body scanners provide images in such high definition that they basically show the person completely naked. Despite numerous official assurances that images were not to be stored and that operators would be trained not to react to them, shortly afterwards one UK operator scanned a colleague to look at her "gigantic tits". More recently a US courthouse was recently caught out having stored some 35,000 images of people passing through its scanners while in India pictures of a film star were circulated among staff. There are also issues to consider regarding future changes of governments, policy creep and thin ends of wedges (which are beyond the scope of this article).

This is in no way an exhaustive, balanced description of the issue, however, it does give a taste for just some of the technology and privacy issues that need to be brought to the public domain and discussed in order for Roxon's claims of a 'balanced discussion' to be validated. At present, a great deal of media coverage cheerfully repeats Roxon's claims on why the plans are in the public interest. But some of the claims she makes are oversimplified and don't stand scrutiny. She's also omitted a great deal of information giving lie to calls that the plans are too sweeping, ham fisted and half baked.

The host of my radio show pointed out that Australians cared deeply about their privacy as was illustrated by the rebellion against the introduction of ID cards. Yet, a recent call for public submissions saw less than 200 published with many coming from law enforcement agencies supporting the scheme. This all begs the following questions: does privacy even matter to people anymore? Is the general public put off by anything that involves discussing digital issues and the internet? Also, are they being informed properly?