Wednesday, 15 August 2018 21:19

IA concerns over privacy, security issues with encryption law Featured

IA concerns over privacy, security issues with encryption law Image courtesy of Stuart Miles at

Internet Australia has raised serious privacy and security concerns about the Australian Government’s proposal to introduce a new cyber encryption law, warning the draft law seeks unprecedented expansion of powers to access citizen’s devices.

IA — a not-for-profit organisation representing Internet users — says it is deeply concerned with the exposure draft of the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill by the Department of Home Affairs – and the short four-week period permitted for public comments and analysis.

“We recognise that law enforcement has a legitimate desire to access and view information transmitted across telecommunications networks by serious criminals, and that often these messages are encrypted in some form, as Internet application developers enhance the security and confidentiality of their services,” the IA chair Dr Paul Brooks said on Wednesday.

“However the government needs to recognise the clear potential dangers to the security and privacy of ordinary Australians which this legislation, in its current form, poses.”

IA warns that the methods to gain access to messages must not weaken the confidence that the vast majority of law-abiding users should have in the “strong security measures applied to their confidential communications, including banking, ecommerce and the transmission of sensitive information such as health records”.

According to Dr Brooks, the draft legislation “clearly needs further work before it can be seriously considered to be fit for purpose”.

“A back-door into devices is still a back-door.

“Law enforcement are seeking expanded powers to issue requirements and instructions directly to manufacturers and distributers of all communications devices – mobile phones, landline phones, broadband modems, printers, smart TVs, the new crop of voice-enabled home assistants. Everything is captured.

“Further, these powers appear to permit the government to instruct the device manufacturer to actively change how the device functions, to add or subtract functionality. These new powers go far beyond merely gaining access to messages.”

IA and the global Internet Society say they will shine a light on the proposed encryption law when they jointly hold an open Experts Session on Encryption at Parliament House in Canberra on 20 August, with international  experts from MIT, Mozilla, the IAB, as well as Australian experts in attendance. 

Telco industry lobby group Communications Alliance has welcomed release of the draft encrption law and CEO John Stanton says it will take some time to get a clear picture as to what is being proposed and whether the draft legislation is practical and provides "sufficient clarity to allow our industry to implement the new regime in the relevant timeframes envisaged by the law".

CA chief executive John Stanton says the industry is currently working through details of the “complex piece of legislation” and “looking for ways in which it might be improved and understanding the implications of the new rules for our industry”.

CA notes that the draft Assistance and Access Bill extends significantly the reach of government and its agencies and the types of assistance that can be requested or required from telecommunications players in Australia or companies providing communications products and services to Australia from offshore.

In his analysis of the draft law, iTWire's Sam Varghese wrote on Tuesday that the Australian Government has "left open the door for enforcement agencies to use specific cracks to gain access to encrypted communications on specific devices, given the language it has used in a draft of a new cyber law".

"There has been much speculation over the last year about what Canberra would do with regard to encryption. The draft law issued on Tuesday indicates that no foolhardy attempt will be made to insert generic backdoors."



26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Peter Dinham

Peter Dinham is a co-founder of iTWire and a 35-year veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).



Recent Comments