Cops are getting full URLs under Australia's data retention scheme
There is content on the envelope. A Senate committee has been told that
law enforcement agencies sometimes get full URLs from telcos, despite
government reassurances.
By [67]Stilgherrian for [68]The Full Tilt | February 7, 2020 -- 03:33
GMT (19:33 PST) | Topic: [69]Security
The Commonwealth Ombudsman, Michael Manthorpe, has revealed that law
enforcement agencies are being given the full URLs of web pages visited
by people under investigation.
Australia's mandatory telecommunications [70]data retention scheme was
meant to deliver only so-called "metadata" to the cops and spooks.
Under the scheme, a warrant is not required.
But according to Manthorpe, the "ambiguity around the definition of
content" means that agencies might effectively be receiving the content
of communications.
The ombudsman explained his concerns during a hearing of the
Parliamentary Joint Committee on Intelligence and Security (PJCIS) on
Friday.
Senator Andrew Hastie, Committee Chair: Could you talk about your
concerns regarding ambiguity around the definition of content and
whether or not an agency should have access to that when disclosed
by a carrier under an authorisation?
Michael Manthorpe, Commonwealth Ombudsman: Yes, essentially, the
piece of ambiguity we have observed through our inspections is that
sometimes the metadata, in the way it's captured, particularly URL
data, and sometimes IP addresses but particularly URL data, does
start to actually in its granularity start to communicate something
about the content of what is being looked at. That's essentially the
point we're making.
Hastie: Just to be very clear, you get the URL, you get the full
www. whatever it is .com?
Manthorpe: That's right.
Hastie: Which can indicate what they're looking at.
Manthorpe: Exactly. It can be quite long, or it can be quite short,
and in some cases the descriptor is long enough to start -- we start
to ask ourselves well that's almost communicating content, even
though it's captured in the URL.
Hastie: And then multiple -- we are getting too technical but you
know -- multiple clicks, for example, on a thread would generate
more and more, I guess, content.
Manthorpe: That's right. Yes, exactly. So it's, we're simply
highlighting that I think when the scheme was commenced, the concept
of metadata was probably thought to be quite a clean and delineable
thing, but we know that there is a greyness on the edges here that
we thought we should call out.
Hastie: Yeah. Sometimes there's information on the envelope, so to
speak, to use the analogy from a couple of years ago.
Manthorpe: That's a good analogy.
As for the intelligence agencies, the Inspector-General of Intelligence
and Security (IGIS), Margaret Stone, said that she wasn't aware of any
instances of content being provided unlawfully, but she echoed
Manthorpe's concerns.
"There is this assumption that you get more from content than
metadata," Stone told the committee.
"But when you look at the range of metadata, and what it tells you,
there's an argument that could be made that it is just as intrusive, or
almost as intrusive, as content. You can tell a lot about what a
person's doing from that."
See also: [71]Why Australia is quickly developing a technology-based
human rights problem (TechRepublic)
'Grave concerns' that this wasn't meant to happen
Labor Senator Anthony Byrne noted that the major telecommunications
companies had given the government "numerous assurances ... that they
could keep metadata in a subset" away from the content.
"The federal government actually gave these telecommunications
companies a substantial amount of money to ensure that that has
actually happened," Byrne said.
"If that's not happening, that's of grave concern to me."
Byrne stressed that he wasn't critical of the agencies, nor the
Commonwealth Ombudsman's office, merely that what he was now being told
did not match how he thought the system was meant to work.
"We are undertaking a review of this mandatory data regime, whether or
not it works, whether or not it could be improved," he said. "It's
nothing more than that."
Telco data requests are meant to be written down
Law enforcement agencies are obtaining telco data without written
authorisation in a "very small number" of cases, according to ombudsman
Manthorpe.
"In some cases, they issue an internal authorisation based on verbal
advice. And at an operational level, I can understand why that might
occur, but it isn't catered for in the legislation," he said.
"Sometimes, agencies -- if they issue a verbal authorisation -- do
subsequently go to commit[ting it] to writing."
Or, presumably, sometimes not.
"We see non-compliance in a small minority of cases generally, and this
is one area of potential non-compliance," Manthorpe said.
"I would want to emphasise that, you know, there is a big volume of
authorisations, and as far as we can ascertain, most of them are
authorised appropriately."
However, as the committee noted, with the huge number of authorisations
issued, a small percentage might still represent a large absolute
number.
In the 2018-2019 financial year, [72]295,691 authorisations to access
metadata were issued across all state and federal law enforcement
agencies. This number does not include those issued to intelligence
agencies.
ASIO guidelines 'well out of date'
The Attorney-General's guidelines that cover data collection by the
Australian Security and Intelligence Agency (ASIO) are "well out of
date", according to Margaret Stone.
"The present guidelines were issued in 2007, so guidance in relation to
new powers introduced since then would be very helpful," she said.
As well as accessing mandatory data retention, those new powers include
Australia's [73]controversial encryption laws, and the power to conduct
a range of "special operations".
"We've been saying for many years now, that those guidelines need
revising," Stone said.
"They're well out of date, the present guidelines."
PJCIS has been hearing evidence as part of its [74]review of the
mandatory data retention scheme. These powers were legislated as Part
5-1A of the [75]Telecommunications (Interception and Access) Act 1979,
usually referred to as the TIA Act, in 2015.
The committee is due to report by April 13.
SEE ALSO
* [76]Human Rights Commission wants data retention period limited to
six months
* [77]Telstra questions whether metadata restrictions are working as
intended
* [78]Optus gained exemption to store metadata unencrypted
* [79]Home Affairs floats making telcos retain MAC addresses and port
numbers
* [80]Commonwealth Ombudsman singles out Home Affairs over stored
communications and metadata handling
* [81]ACT Policing had an unauthorised metadata access party 3249
more times in 2015
* [82]Australian enforcement agencies angling for metadata review on
telco cost recovery
* [83]Clean Energy Regulator, WA Mines Department, and Vet Surgeons
Board trying to access metadata: Comms Alliance
References
Visible links
1.
https://www.zdnet.com/topic/security/rss.xml
2.
http://www.zdnet.com.cn/
3.
http://www.zdnet.fr/
4.
http://www.zdnet.de/
5.
http://www.zdnet.co.kr/
6.
http://japan.zdnet.com/
7.
https://www.zdnet.com/video/
8.
https://www.zdnet.com/topic/windows-10/
9.
https://www.zdnet.com/topic/enterprise-software/
10.
https://www.zdnet.com/topic/cloud/
11.
https://www.zdnet.com/topic/artificial-intelligence/
12.
https://www.zdnet.com/topic/security/
13.
https://www.techrepublic.com/premium/
14.
https://www.zdnet.com/article/how-to-build-a-website-for-your-business-your-step-by-step-guide/
15.
https://www.zdnet.com/article/what-is-5g-the-business-guide-to-next-generation-wireless-technology/
16.
https://www.zdnet.com/topic/innovation/
17.
https://www.zdnet.com/topic/ces/
18.
https://www.zdnet.com/article/10-best-smartphones/
19.
https://www.zdnet.com/topic/executive-guides/
20.
https://www.zdnet.com/article/vpn-services-the-ultimate-guide-to-protecting-your-data-on-the-internet/
21.
https://www.zdnet.com/article/buying-guide-cheap-web-hosting-services/
22.
https://www.zdnet.com/topic/
23.
https://www.techrepublic.com/resource-library/whitepapers/
24.
https://downloads.zdnet.com/
25.
https://www.zdnet.com/reviews/
26.
https://www.zdnet.com/pictures/
27.
https://www.zdnet.com/video/
28.
https://www.techrepublic.com/forums/
29.
https://www.zdnet.com/newsletters/
30.
https://www.zdnet.com/blog/
31.
https://www.zdnet.com/members/preferences/
32.
https://www.zdnet.com/members/community/
33.
https://www.zdnet.com/members/newsletters/
34.
https://www.zdnet.com/user/logout/
35.
https://www.zdnet.com/video/
36.
https://www.zdnet.com/topic/windows-10/
37.
https://www.zdnet.com/topic/enterprise-software/
38.
https://www.zdnet.com/topic/cloud/
39.
https://www.zdnet.com/topic/artificial-intelligence/
40.
https://www.zdnet.com/topic/security/
41.
https://www.techrepublic.com/premium/
42.
https://www.zdnet.com/article/how-to-build-a-website-for-your-business-your-step-by-step-guide/
43.
https://www.zdnet.com/article/what-is-5g-the-business-guide-to-next-generation-wireless-technology/
44.
https://www.zdnet.com/topic/innovation/
45.
https://www.zdnet.com/topic/ces/
46.
https://www.zdnet.com/article/10-best-smartphones/
47.
https://www.zdnet.com/topic/executive-guides/
48.
https://www.zdnet.com/article/vpn-services-the-ultimate-guide-to-protecting-your-data-on-the-internet/
49.
https://www.zdnet.com/article/buying-guide-cheap-web-hosting-services/
50.
https://www.zdnet.com/topic/
51.
https://www.techrepublic.com/resource-library/whitepapers/
52.
https://downloads.zdnet.com/
53.
https://www.zdnet.com/reviews/
54.
https://www.zdnet.com/pictures/
55.
https://www.zdnet.com/video/
56.
https://www.techrepublic.com/forums/
57.
https://www.zdnet.com/members/preferences/
58.
https://www.zdnet.com/members/community/
59.
https://www.zdnet.com/members/newsletters/
60.
https://www.zdnet.com/user/logout/
61.
http://www.zdnet.com.cn/
62.
http://www.zdnet.fr/
63.
http://www.zdnet.de/
64.
http://www.zdnet.co.kr/
65.
http://japan.zdnet.com/
66.
https://www.zdnet.com/meet-the-team/au/stilgherrian/
67.
https://www.zdnet.com/meet-the-team/au/stilgherrian/
68.
https://www.zdnet.com/blog/the-full-tilt/
69.
https://www.zdnet.com/topic/security/
70.
https://www.zdnet.com/article/mandatory-data-retention-passes-australian-parliament/
71.
https://www.techrepublic.com/article/why-australia-is-quickly-developing-a-technology-based-human-rights-problem/
72.
https://www.zdnet.com/article/home-affairs-report-reveals-deeper-problems-with-australias-encryption-laws/
73.
https://www.zdnet.com/article/whats-actually-in-australias-encryption-laws-everything-you-need-to-know/
74.
https://www.aph.gov.au/Parliamentary_Business/Committees/Joint/Intelligence_and_Security/Dataretentionregime
75.
http://www.austlii.edu.au/cgi-bin/viewdb/au/legis/cth/consol_act/taaa1979410/
76.
https://www.zdnet.com/article/human-rights-commission-wants-data-retention-period-limited-to-six-months/
77.
https://www.zdnet.com/article/telstra-questions-whether-metadata-restrictions-are-working-as-intended/
78.
https://www.zdnet.com/article/optus-gained-exemption-to-store-metadata-unencrypted/
79.
https://www.zdnet.com/article/home-affairs-floats-making-telcos-retain-mac-addresses-and-port-numbers/
80.
https://www.zdnet.com/article/commonwealth-ombudsman-singles-out-home-affairs-over-stored-communications-and-metadata-handling/
81.
https://www.zdnet.com/article/act-policing-had-an-unauthorised-metadata-access-party-3249-further-times-in-2015/
82.
https://www.zdnet.com/article/australian-enforcement-agencies-angling-for-metadata-review-on-telco-cost-recovery/
83.
https://www.zdnet.com/article/clean-energy-regulator-wa-mines-department-and-vet-surgeons-board-trying-to-access-metadata-comms-alliance/
84.
https://www.zdnet.com/topic/australia/
85.
https://www.zdnet.com/topic/security-tv/
86.
https://www.zdnet.com/topic/data-management/
87.
https://www.zdnet.com/topic/cxo/
88.
https://www.zdnet.com/topic/data-centers/
89.
https://www.zdnet.com/meet-the-team/au/stilgherrian/
90.
https://www.zdnet.com/meet-the-team/au/stilgherrian/
91.
https://www.zdnet.com/blog/the-full-tilt/
92.
https://www.zdnet.com/topic/security/
93.
https://www.zdnet.com/article/cops-are-getting-full-urls-under-australias-data-retention-scheme/container
94.
https://www.zdnet.com/members/preferences/
95.
https://www.zdnet.com/user/logout/
96.
http://cbsi.force.com/CBSi/zdnetcommunityfaq
97.
https://www.zdnet.com/article/cops-are-getting-full-urls-under-australias-data-retention-scheme/#comments-ef338f5f-c0fd-4442-b61f-b9eeb1a504aa
98.
https://www.zdnet.com/article/how-the-b-team-watches-over-australias-encryption-laws-and-cybersecurity/
99.
https://www.zdnet.com/article/britain-doing-the-wrong-thing-by-letting-in-huawei-5g-former-asd-officer/
100.
https://www.zdnet.com/article/home-affairs-report-reveals-deeper-problems-with-australias-encryption-laws/
101.
https://www.zdnet.com/article/ai-and-disinformation-join-nukes-in-the-race-for-armageddon/
102.
http://www.cbsinteractive.com/legal/cbsi/terms-of-use
103.
https://www.cbsinteractive.com/legal/cbsi/privacy-policy/highlights
104.
http://www.cbsinteractive.com/legal/cbsi/terms-of-use
105.
https://www.cbsinteractive.com/legal/cbsi/privacy-policy/highlights
106.
https://www.zdnet.com/article/this-is-how-the-world-health-organization-is-being-abused-to-stoke-coronavirus-fears/
107.
https://www.zdnet.com/article/ransomware-installs-gigabyte-driver-to-kill-antivirus-products/
108.
https://www.zdnet.com/article/open-source-takes-on-managing-and-securing-the-electrical-grid/
109.
https://www.zdnet.com/article/uk-government-rolls-out-the-red-carpet-for-infamous-spyware-vendor/
110.
https://www.zdnet.com/article/device-security-firm-forescout-snapped-up-by-advent-in-1-9-billion-deal/
111.
https://www.zdnet.com/article/oaic-wants-visual-on-what-telcos-are-handing-over-under-data-retention-regime/
112.
https://www.zdnet.com/article/human-rights-commission-wants-data-retention-period-limited-to-six-months/
113.
https://www.zdnet.com/article/us-attorney-general-says-us-and-allies-should-invest-in-huawei-competitors/
114.
https://www.zdnet.com/article/malaysia-warns-of-chinese-hacking-campaign-targeting-government-projects/
115.
https://www.zdnet.com/
116.
http://legalterms.cbsinteractive.com/privacy
117.
http://legalterms.cbsinteractive.com/cookies
118.
http://legalterms.cbsinteractive.com/adchoice
119.
https://www.zdnet.com/advertise/
120.
http://legalterms.cbsinteractive.com/terms-of-use
121.
http://legalterms.cbsinteractive.com/eula
122.
https://www.zdnet.com/topic/
123.
https://www.zdnet.com/pictures/
124.
https://www.zdnet.com/video/
125.
http://narratives.zdnet.com/
126.
https://ca.privacy.cbs/
127.
https://ca.privacy.cbs/donotsell
128.
https://www.zdnet.com/about/
129.
https://www.zdnet.com/meet-the-team/
130.
https://www.zdnet.com/blog/
131.
https://www.zdnet.com/rssfeeds/
132.
https://www.zdnet.com/sitemap/
133.
https://www.zdnet.com/reprints/
134.
https://www.zdnet.com/members/preferences/
135.
https://www.zdnet.com/user/logout/
136.
https://www.zdnet.com/about/
137.
https://www.zdnet.com/newsletters/
138.
https://cbsi.secure.force.com/CBSi/knowledgehome?referer=zdnet.com
139.
https://academy.zdnet.com/
140.
https://www.techrepublic.com/forums/