Passwords a step too far

Over the weekend I read the Child Protection (Child Sex Offender Register) Bill.

As I blogged when introduced, I’m a supporter of it. In fact I think over time you might widen its eligibility criteria to other serious crimes.

But there is one section of the bill, which goes too far in my view. Child sex offenders are near the lowest of the low, and I’m all for a register to allow authorities to track them. But let’s look at the list of personal information to be reported:

  • Name/s
  • DOB
  • Address/s
  • Identity of children in same residence
  • Nature of work and name and address of employer
  • Membership of any groups with kids in them
  • Details of cars owned or driven
  • Details of tattoos etc
  • Passport details
  • Numbers of landlines or mobile phones

So far so good. Then we turn to the Internet details:

  • details of e-mail addresses used
  • details of online accounts and aliases used or intended to be used

Again no problems. But:

  • details of any ISP used or intended to be used including login details, user name and password


That would then give the state the ability to monitor basically their Internet communications. A government official could login and see every e-mail sent to or from them. And this could be for life.

Everything else is reasonable. But the password is not. It is the Internet equivalent of having the state listen in to every phone call you make – without any warrant. Or open every item in the post to and from you – without a warrant.

If there is reasonable cause for concern, then they can get a warrant to intercept the communications. I’m okay with those on the register having to hand over usernames and login details so they know what accounts to target if there is concern. But including the password in the register of information is a step too far.

Comments (27)

Login to comment or vote