Kaspersky defends Aussie data retention plan

AusCERT delegate warns against going 'too far'.

Kaspersky Labs co-founder Eugene Kaspersky has backed Labor Government plans to mandate retention of user telco and internet subscriber data for two years.

The Russian billionaire and security expert has previously argued against Australian plans to adopt a European cybercrime treaty that requires ISP data retention.

But he defended some governments' plans to introduce or bolster data retention regimes at the AusCERT 2012 conference on the Gold Coast this week.

"It's a good idea," he said. "If governments want to trace someone, they will do it; it's just a technical issue."

The federal Attorney-General's Department has held closed-door discussions with service providers on data retention for at least two years.

Discussions have largely revolved around the retention of internet subscriber data and some information on the contents where possible for a period of up to two years.

That discussion is set to gain public recognition as part of a parliamentary consultation on the matter to be held later this year.

Though generally supportive of the notion, Kaspersky qualified his defence with opposition to a similar data retention proposal in the UK, aimed at providing equal access to user telco data without requiring court orders.

"They're going to introduce all this data collection and police will have access to this data whenever they want. I think that's wrong," he said.

"We were at point zero, and there's a point ten; total control. The right area is maybe point three to five but governments are going to point seven. Governments aren't thinking about privacy."

The move towards data retention proposals globally have been somewhat spurred by international treaties, a measure Kaspersky said was indicative of growing cooperation between countries on cybercrime issues.

Interpol and the International Telecommunications Union (ITU) have moved to establish a global taskforce to coordinate action against online criminal networks from both a network and physical point of view.

"I've been talking about cybercriminals for many years because I understood that it was a very serious problem, that it was becoming more serious year by years and I was knocking on the wall," he said.

"Finally we see that governments are taking it seriously and talking about international cooperation against cybercrime."

Interpol will establish a global cybercrime centre in Singapore by September 2014, while the ITU has already begun global investigations into malware networks with the help of Kaspersky.

One recent investigation traced proxy servers distributing malware to its home in Ukraine, which Kaspersky now dubbed the new hacker's "paradise".

However, he urged governments not to go "too far".

"In the past, I've talked about governments introducing more regulation on the internet to fight cybercrime. Now I'm saying 'ok guys, it's good use but don't go too far'."