Sunday, 13 January 2019 18:52

Home Affairs perpetuating myths about encryption law: CA chief Featured

Communications Alliance chief John Stanton. Communications Alliance chief John Stanton. Supplied

A document issued by the government-funded Australian Cyber Security Growth Network, aimed at providing "information to industry about key economic concerns" over the encryption law that was passed in December, has been dismissed by the Communications Alliance as a bid by the Home Affairs Department to perpetuate myths about the legislation.

The AustCyber document was based on a survey it sponsored which was carried out by the Australian Strategic Policy Institute. ASPI is partly funded by the government but also receives funding from a number of big players in the defence industry.

The poll sought the views of 512 industry players, but succeeded in obtaining answers only from 63.

The document was released on 20 December and therefore did not attract any coverage. iTWire asked CA's chief John Stanton, who has been a strong advocate for the telecommunications industry on the issue, for comment.

The encryption law was passed on 6 December without any amendments to the version submitted to Parliament on 20 September. Some 50 pages of amendments were handed out to the various parties early on 6 December before debate on the bill began. But it was finally passed without amendments as the House of Representatives had already risen for the year by the time the amendments were taken up in the Senate.

Labor leader Bill Shorten agreed to this compromise on the proviso that the amendments would be passed during the first sitting of 2019. The government has said it would consider the amendments, but has made no commitment that it would accept all of them.

Stanton described the document put together by AustCyber as "an attempt to be helpful", adding that it illustrated the ways in which the Department of Home Affairs sought to perpetuate "a number of myths about the nature of the legislation and the ways in which it can be used".

He pointed to one such example. "For example, the Department states that the Act 'has very strict limitations on the type of assistance that can be compelled by a notice'. In fact, the 'Listed acts or things' at 317E of the Act is frighteningly broad."

There are three ways listed in the law by which the authorities can get industry to aid in gaining access to encrypted material. A technical assistance request (TAR) allows for voluntary help by a company; in this case, its staff would be given civil immunity from prosecution.

An interception agency can issue a technical assistance notice (TAN) to make a communications provider offer assistance.

Finally, a technical capability notice (TCN) can be issued by the attorney-general at the request of an interception agency; the communications minister of the day would also need to agree. This will force a company to help law enforcement, by building functionality.

Stanton said the issuing of the TANs and TCNs did not require a warrant to be obtained as claimed by AustCyber, though the government had continually implied warrants were required. "In fact, the Labor amendments that were withdrawn on the day the Bill passed the Senate would have introduced a warrant framework and judicial oversight," he added.

"But if there does happen to be a warrant in place, then the list of what actions communications providers can be ordered to do is completely open-ended - see the newly amended 317 E (da)."

He said the AustCyber document also cited the Department as claiming that the legislation “won’t require an employee to be operating under a notice that their employer is ignorant of".

"Again — there is nothing in the legislation that provides that assurance — and there is ample scope (under 317 F) of the Act, for agencies to require that an employee not disclose to his or her employers that they have been served with a notice. The penalty for breaching the secrecy provisions is five years in prison," he said.

Stanton also noted that the assessment and reporting obligation introduced for TCNs did not include a requirement that the assessors – to be appointed by the Attorney-General – be independent.

This, he said, could allow for the appointment of an ASIO officer as the technical expert. "To top it off, the Attorney-General only needs ‘to have regard to’ the report, potentially in the same manner as regard was given to the feedback received during the drafting stages of the Bill," Stanton said, adding that there were many more such examples in the AustCyber document.

"What’s also becoming clear, on closer examination, is that there are all sorts of deficiencies and problems in the government amendments – which is hardly surprising, given that they were thrown together in an all-night drafting marathon and completed a couple of hours before they were rammed through the House of Representatives," he pointed out.

The Parliamentary Joint Committee on Intelligence and Security announced on 18 December that it would be conducting another review of the law after Parliament convenes for 2019 and will submit a report about it by 3 April.

Stanton said CA would attempt to highlight these and other problems in a submission to the reconstituted inquiry.

"There is an enormous amount of work still to do – including incorporating amendments along the lines of those proposed by Labor – to try to make this Act workable and reasonable," he said. "It really is a shame that so many stakeholders — who could have contributed much to a thorough and rational legislative development process on these issues — find themselves in the position of trying to mount a rescue mission, after the fact."

Subscribe to ITWIRE UPDATE Newsletter here


The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News