Eyes Wide Shut
A few days ago I was listening to an episode of It Could Happen Here — Cooper Quintin and Colonel Panic from the EFF walking through the American surveillance state. Flock cameras on every corner. Cell site simulators at protests. Facial recognition with no accountability, built on databases scraped from your social media without asking. PenLink buying location data harvested from your phone’s apps and selling it to law enforcement — no warrant required, because it came from advertising networks instead of a phone carrier.
I listened to the whole thing nodding, feeling quietly relieved not to live in the United States.
Then I started digging into what Australia has actually built. And the relief evaporated.
The details of what I found — the metadata laws, the encryption backdoors, the account-takeover legislation, the biometrics at scale — are in the follow-up to this post. What I want to talk about here is the question underneath it all: how did we build this much, this quietly, with so little friction?
The Americans Are Still Arguing. We Already Decided.
The thing that struck me about the podcast wasn’t how bad the US situation is — it was the friction. The EFF is in court. The ACLU is filing briefs. Communities are showing up to council meetings in numbers. In Asheville, North Carolina, over 100 people turned up to oppose a real-time intelligence centre, and the city backed down. States like California have passed laws restricting how police share data. There are tools being built — RayHunter to detect fake cell towers, WeSpy to map surveillance cameras — because people are organised enough to fight back.
That friction exists because Americans have cultural and constitutional infrastructure for it: a Fourth Amendment that courts have spent decades interpreting, civil liberties organisations with mainstream political weight, and a civic muscle memory of telling state power to back off.
What I kept thinking, listening to it all, was: we’ve already had this argument in Australia. We just didn’t realise we were having it — and we lost.
The Blindfold
This is what I mean by blindfolded. Not that the path was hidden, but that we walked it without looking at where it led. Each step felt reasonable — two years of metadata to catch criminals, backdoor access to stop terrorism, account takeover to fight online crime, biometric ID for convenience. Each step was sold as specific and bounded. And each one made the next step smaller.
Coming from Europe, I can see this in a way that’s harder to see from inside it. I grew up in a culture shaped by the Chaos Computer Club — an organisation that has been a political watchdog on digital rights since 1981, that commands mainstream media attention, and that treats the question who does this technology serve? as a civic responsibility, not a fringe concern. I wrote about this gap in our digital heartbeat last year. The comparison stings more now than it did then.
Germany has the GDPR because Germans have visceral, historically grounded reasons to resist surveillance states. The cultural memory is living. The political resistance is real. In the US there’s a constitutional tradition — imperfect, contested, often failing — that at least creates friction. Courts push back. Organisations litigate. People show up.
In Australia, the dominant political culture offers something different: a genuine, deep-seated trust in institutions, a preference for “she’ll be right” pragmatism over civil liberties abstraction, and a bipartisan consensus that security should not be obstructed by questions of principle. These are not cynical qualities. In many contexts they are admirable. But as a recipe for building surveillance infrastructure, they are extraordinarily efficient.
The Transparency Problem
As someone who has spent a career in open source, what bothers me as much as the surveillance itself is the opacity.
The Identify and Disrupt Act allows data modification to occur under secrecy provisions — you may never know it happened. The Assistance and Access Act compels assistance under arrangements that can be kept from public scrutiny. The national facial recognition system is being built with closed-source technology, procured through government contracts, with no community auditing of its accuracy or error rates. We don’t know who is being misidentified. We don’t know how the data is actually being used.
Open source isn’t just about software. It’s about the principle that systems which affect everyone should be inspectable by everyone. The surveillance infrastructure being built around us fails that test completely. It is closed, unauditable, and growing — with the explicit legal protection of the state.
When I think about the EFF building RayHunter to detect fake cell towers, or Colonel Panic building a $20 device that maps surveillance cameras via open-source firmware — that is the open source instinct applied to accountability. People who can’t inspect the system deciding to build their own instruments to measure it from the outside.
We don’t have that culture here in any organised way. Digital Rights Watch is doing serious work. But it remains on the fringe of mainstream political conversation, fighting well-resourced legislation with volunteer energy and thin funding.
The Slope Is Still Slippery
Australia’s institutions are not malicious. Most people who passed these laws genuinely believed the specific, bounded justifications offered for each measure.
That’s precisely the problem. The slope doesn’t require bad intentions. It requires a culture that evaluates each step individually and never steps back to look at the shape of the path. And then one day you look up and realise you’ve built — with bipartisan enthusiasm, in a country widely regarded as a stable liberal democracy — metadata retention without warrants, compelled encryption assistance, government account takeover powers, national biometrics, and centralised vehicle tracking.
And Americans are still having the argument about Flock cameras.
The blindfold wasn’t imposed on us. We put it on ourselves, piece by piece, because the light was uncomfortable and the path felt smooth.
Taking it off means developing the cultural infrastructure that makes accountability possible: organisations with mainstream traction, political parties that treat digital rights as a first-order issue, a tech community that asks who does this serve? before it asks how do we implement it? And — frankly — more people willing to be publicly annoying about this at the local level, in the way that 100 people showing up to a council meeting in Asheville was publicly annoying.
The technology to push back exists. The open source tools exist. The information exists.
The question is whether we develop the culture to use them — before the slope levels out somewhere we really don’t want to be.
Next week: Sleepwalking Off a Digital Cliff maps the surveillance infrastructure layer by layer — the metadata laws, the biometrics, the encryption backdoors — and what you can actually do about it. And Where Is Our Digital Heartbeat? on why Australia lacks the critical hacker culture that makes resistance possible elsewhere.
Webmentions
🔁 Reposted by 2 people
Want to comment? Reply to this post from your Mastodon/Fediverse account, or mention this post's URL in your reply. Your comment will appear here automatically!
Have your own blog? Send a webmention
to https://webmention.io/gaggl.com/webmention