De-encryption Bill currently before Joint Committee

The much awaited Telecommunications and other Legislation Amendment (Assistance And Access) De-encryption Bill 2018 (De-encryption Bill) has been referred to the Parliamentary Joint Committee on Intelligence and Security (Joint Committee).  The Joint Committee has allowed three (3) weeks for submissions.  It is a very short time-frame for submissions considering the controversial nature of the Bill.  Submissions close on 12 October 2018 and a hearing will then be held by the Joint Committee one (1) week later.  The De-encryption De-encryption Bill (if passed) amends the Telecommunications Act 1997(Cth) (and various other acts) and has the stated aim of “establishing frameworks for voluntary and mandatory industry assistance to law enforcement and intelligence agencies in relation to encryption technologies via the issuance of technical assistance requests, technical assistance notices and technical capability notices….”

The De-encryption Bill contains five (5) schedules, which are be briefly summarised below:

Schedule 1 – Industry assistance

This schedule sets out the framework for ‘industry cooperation’ of ‘designated communications providers’ which are defined as a person who:[1]

  • is a carrier or carriage service provider;
  • is carriage service intermediary;
  • provides a service that facilitates, or is ancillary or incidental to, the supply of a listed carriage service;
  • provides an electronic service that has one or more end-users in Australia;
  • provides a service that facilitates, or is ancillary or incidental to, the provision of an electronic service that has one or more end-users in Australia;
  • develops, supplies or updates software used, for use, or likely to be used, in connection with:
    • a listed carriage service; or
  • an electronic service that has one or more end-users in Australia.
  • manufactures, supplies, installs, maintains or operates a facility.

The Bill’s ‘designated communications providers’ casts a wide net to be complimentary to the already existing obligation of domestic carriers and carriage service providers to provide ‘such help as is reasonably necessary’ to agencies under section 313 of the Telecommunications Act 1997 (Cth).  This schedule is intended to ‘enhance cooperation between those providers involved in the communications supply chain and national security and law enforcement agencies.’[2]  The intended industry cooperation framework is provided in the De-encryption Bill in three (3) mediums:

  • Technical Assistance Request

The voluntary assistance to provide a legal basis on which a designated communications provider, including foreign and domestic communications providers and device manufacturers, can provide voluntary assistance to the Australian Security Intelligence Organisation (ASIO), Australian Secret Intelligence Service (ASIS), Australian Signals Directorate (ASD) and interception agencies.[3]

  • Technical Assistance Notice

    • A compulsory notice for the designated communications provider to use an interception capability they possess and provide/act in accordance to what is specified in the notice by the Director-General of Security or the chief officer of an interception agency.[4]
    • The request in the notice must be ‘reasonable and proportionate’.[5]
  • Technical Capability Notices

A compulsory notice for a designated communications provider to build a new interception capability in order for it to comply with any subsequent Technical Assistance Notices.[6]  Compliamentry to these notices, the De-encryption Bill provides that financial compensation for those designated communication providers who have assisted/cooperated will be provided, as well certain immunities from civil liability and criminal offences.[7]

Schedule 2 – Computer access warrants

This schedule is intended to enact additional power for Commonwealth, State and Territory law enforcement agencies investigating a federal offence (maximum of three years imprisonment or more) to obtain covert computer access warrants.  This has been already been granted to the ASIO, so this is drafted to extend those powers to law enforcement agencies.[8] These powers include:[9]

  • enabling the interception of communications for the purpose of executing a computer access warrant and thus removing the need to obtain a second warrant for that purpose;
  • permitting the temporary removal of a computer or thing from a premises for the purpose of executing a warrant, and to return the computer or thing; and
  • take steps to conceal their access to a computer, following the expiry of the warrant, to address situations where an agency no longer has access to the computer at the time the warrant expires.

Schedule 3 – Search warrants under the Crimes Act

This schedule intends to amend the search warrant framework under the Crimes Act 1914 (Cth) to expand the ability of criminal law enforcement agencies to collect evidence from electronic devices under warrant. Refer to schedule 3 of the Bill for the proposed search warrant framework within the Bill.

Schedule 4 –Search Warrants under the Customs Act

The schedule is intended to amend the search warrant framework under the Customs Act 1901 (Cth) to allow the Australian Border Force (ABF) to collect evidence from electronic devices under warrant in person or remotely. Refer the schedule 4 of the Bill for the proposed search warrant framework.

Schedule 5 – ASIO

This schedule provides for an exemption of persons or bodies from civil liability if they voluntarily provide assistance,[10] or give information or a document to ASIO unsolicited.[11]  However, this schedule also sets out requirements of ‘assistance relating to access’ for persons with knowledge of a computer of computer system.[12]  As a result, if the person does not comply, they commit an offence, which is 300 penalty units and/or 5 years imprisonment.[13]

What justification does the government have for implementing this Bill?

The nature of the De-encryption Bill calls for caution with granting such extensive powers, which is arguably a breach of privacy for Australian citizens.  The Explanatory Memorandum of the De-encryption Bill in order to justify these controversial powers explains that:

“the increasing use of encryption has significantly degraded law enforcement and intelligence agencies’ ability to access communications and collect intelligence, conduct investigations into organised crime, terrorism, smuggling, sexual exploitation of children and other crimes, and detect intrusions into Australian computer networks. Encryption can conceal the content of communications and data held on devices, as well as the identity of users.”

If you have a different opinion, you are encouraged to make a submission to the Joint Committee before 12 October 2018.  To make obtain the contact information to email a submission to, click here.

Further references

Legislation

Customs Act 1901 (Cth)

Crimes Act 1914 (Cth)

Telecommunication Act 1997 (Cth)

The Telecommunications and other Legislation Amendment (Assistance And Access) De-encryption Bill 2018

Related articles by Dundas Lawyers

De-encryption laws to make tech giants cooperate with law enforcement

Further information

If you need assistance regarding how the proposed de-encryption laws may affect your technology company (if the De-encryption Bill is passed in its present form), please telephone me for an obligation free and confidential discussion.

 
Malcolm Burrows
B.Bus.,MBA.,LL.B.,LL.M.,MQLS.

Legal Practice Director

Telephone: (07) 3221 0013 | Mobile: 0419 726 535

e: mburrows@dundaslawyers.com.au

Disclaimer

This article contains general commentary only.  You should not rely on the commentary as legal advice.  Specific legal advice should be obtained to ascertain how the law applies to your particular circumstances.

 [1] The Telecommunications And Other Legislation Amendment (Assistance And Access) De-encryption Bill 2018 Sch 1, Pt 1.

[2] Explanatory Memorandum, The Telecommunications And Other Legislation Amendment (Assistance And Access) De-encryption Bill 2018, 3 [8] (Explanatory Memorandum)

[3] The Telecommunications And Other Legislation Amendment (Assistance And Access) De-encryption Bill 2018 s 317G(1)(a).

[4] Ibid s 317L.

[5] Ibid, s 317RA.

[6] Ibid, s 317S.

[7] Explanatory Memorandum, 3 [9].

[8] Ibid, 4 [12].

[9] Ibid.

[10] The Telecommunications And Other Legislation Amendment (Assistance And Access) De-encryption Bill 2018 s 21A(1).

[11] Ibid, s 21A(5).

[12] Ibid, s 34AAA

[13] Ibid, s 34AAA (4).

Dundas Lawyers
Street Address Suite 12, Level 9, 320 Adelaide Street Brisbane QLD 4001

Tel: 07 3221 0013

Send this to friend