The biggest media story today should be Nick McKenzie and Richard Baker's revelation that the metadata of Telstra, Vodafone and Optus customers is available for sale in India via call centre employees. It's frightening, disturbing -- and illustrates just how dangerous to Australians the government's mass surveillance regime is.

Crikey warned repeatedly that data retention would create a vast trove of personal and highly revealing information about every Australian that would inevitably be targeted successfully by thieves. Last year we suggested such information might be hacked, but McKenzie and Baker have shown there's no coding skill required -- you just need to bribe an employee with the right access.