Updated 4 October 2018 – see De-encryption De-encryption Bill currently before Joint Committee
According to the ABC website, in the next few weeks Cyber Security Minister Angus Taylor is poised to present new legislation which once passed will require technology companies and multinationals to assist law enforcement to access encrypted data of “suspected criminals and terrorists”. Currently, the bill is not yet before parliament but should appear on its website once officially announced.
In February, the government has indicated its plans to tackle criminal use of encryption with the Honourable Peter Dutton MP stating in an address to the National Press Club:
“Law enforcement access to encrypted communications should be on the same basis as telephone and other intercepts,
in which companies provide vital and willing assistance in response to court orders.”
In April, Dutton confirmed in his opening address to the Australian Cyber Security Centre Conference the government has created legislation which requires telecommunication companies to help agencies with any decryption.
To date criminals have used encryption to successfully hide from law enforcement though the government claims this will be changed if this bill becomes law.
At the same time encryption has also been used lawfully by Australians. How the government plans to create backdoors to encryption without undermining the security of lawful technologies remains unclear.
Several commentators on this issue, including Digital Rights Watch and InnovationAus.com, are critical of the legislation and fear that allowing a backdoor will create a weakness in platforms. Encryption is thought to only be ‘strong and robust’ if it is not susceptible to backdoors by the government.
It is believed that government agencies can create a backdoor by including code into technologies, unbeknownst to the consumer. The government is basing this legislation on the UK Investigatory Powers Act 2016 and the New Zealand Telecommunications (Interception Capability and Security) Act 2013. According to the former Attorney General George Brandis, this legislation is being enacted to further Australia’s co-operation as a member of the Five Eyes, sharing and gathering intelligence with its partners – Canada, New Zealand, the UK and the United States.
In summary this legislation will be divided into three (3) parts which:
- widen powers for search warrants and device surveillance for encryption technologies;
- provide power requiring telecommunication companies to co-operate with government agencies in accessing their encrypted information; and
- create penalties for a failure to co-operate with government agencies.
All telecommunication companies and ‘tech giants’ will be affected if the bill becomes law, including the likes of Optus, Facebook and Apple.
Takeaways
Watch this space! Once the government officially announces the bill, companies will be able to ascertain any potential risks or issues to their business in the use of encryption.
Further references
Legislation
Telecommunications (Interception Capability and Security) Act 2013
References
ABC News, ‘Tech giants to be targeted by anti-terror laws to help police access encrypted data’
Computerworld, Digital Rights Watch, ‘The Role of Encryption in Australia’
Mr Peter Dutton, ‘Opening Address to the Australian Cyber Security Centre Conference, Canberra’
Mr Peter Dutton, ‘Address to the National Press Club of Australia, Canberra”.
Computerworld, ‘Encryption crackdown: The government doesn’t much care for you terroristic maths’
Related articles by Dundas Lawyers
The Meaning of Personal Information
Notifiable Data Breach Scheme Commences 23 Feb 2018
What is a Data Breach Response Plan and how do I get one?
Abhorrent violent material prohibited
Further information
If you need advice on any issues associated with technology law, please telephone me for an obligation free and confidential discussion.
Michael Barber BSc.,Grad.Dip.IT, Acct.,LL.B(Hons)., GDLP, MQLS
Lawyer
Telephone: (07) 3221 0013 |
e: mbarber@dundaslawyers.com.au
Disclaimer
This article contains general commentary only. You should not rely on the commentary as legal advice. Specific legal advice should be obtained to ascertain how the law applies to your particular circumstances.
