Technology

COMMENT
Save
Print

How to protect your metadata with a VPN

23 reading now

From Thursday, the Federal Government's Metadata Retention Scheme becomes compulsory for telcos and internet service providers in Australia. This means your metadata - including text messages, location information and internet connection details - will be stored for two years and available to Government agencies to access on request without a warrant.

If you value your privacy, you're going to need a virtual private network (VPN) to help mask your online activity. Here are some tips from the consumer protection group Electronic Frontiers Australia (EFA), along with the best guides from our archives.

Up Next

Private Sydney: Jessica Kahawaty: unknown known model

null
Video duration
02:00

More Entertainment News Videos

Animation: How VPNs work

Watch this breakdown of how Virtual Private Networks are helping Australians get access to geo-blocked content such as US Netflix.

Online rights organisations are calling today "National Get a VPN Day" in a bid to stir up resistance against the government's new data retention laws.

According to the EFA, VPNs are one of the most effective tools for protecting privacy when using the internet due to the degree of anonymity they provide when accessing online services. They can also provide ordinary civilians protection against "eavesdropping and government surveillance".

"As with any industry, the quality of VPN services varies considerably, particularly in relation to privacy issues and people should therefore be well-informed before selecting a provider," the EFA explains.

Here are the EFA's top tips for choosing the right VPN for your needs:

Advertisement
  • What data does the VPN record? Is the VPN retaining web logs? Does the VPN know your IP address and the times that you connect to their servers? Also, what kind of advertising data does the VPN service store and does it hand that data over to third parties?
  • How long does the VPN store data? Nearly all VPNs will store some data in order to troubleshoot network issues. However, the duration of that storage plays a key role in terms of the privacy protection afforded to users. After all, if the data has been deleted, then it cannot be accessed by a third party. Ideally, a VPN should be wiping user data within hours of it being recorded. If a VPN is storing data for anything more than a few days then beware.
  • Read the privacy policy carefully. If you don't find the answers to your questions in their privacy policy then ask them directly, or steer clear.
  • What country are they based in? For example, you may want to avoid services based in Australia, UK, US, New Zealand or Canada (the so-called 'Five Eyes' countries, which have comprehensive intelligence-sharing arrangements in place). You may also want to avoid services based in countries with authoritarian governments.
  • What payment methods do they support? Using BitCoin and/or other digital currencies will provide you with an extra layer of anonymity

The EFA is also calling for Australians to contact their local MP regarding the dangers of mandatory data retention - communicating to them the main points of concern:

  • All access to this data should require a warrant - not just for journalists' data (the only people currently protected). A majority of European Union countries require some form of independent, judicial authorisation for access to this sort of data, so there's no reason why Australians shouldn't enjoy the same protection.
  • It's important that additional agencies aren't added to the list that are allowed access to this data. The one good part of the data retention legislation is that it reduced the number of agencies able to access this data from literally hundreds to less than two dozen (Police and anti-corruption bodies mainly).
  • The two year retention period is unjustifiably long and must be reduced to at most six months.

Lifehacker Australia is your expert guide on how to get things done and do everything better.