Tuesday, 12 February 2019 10:01

Australian tech firms seek changes in encryption law Featured

Australian tech firms seek changes in encryption law Pixabay

A number of Australian technology companies, led by the charity StartupAUS, have called on the Federal Government to make four changes in the encryption law that was passed last year.

The changes were sought in a submission made to the review of the legislation — known as the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 — that is being conducted by the Parliamentary Joint Committee on Intelligence and Security. The PJCIS is expected to submit a report to government by 3 April.

Among the firms signing on to the submission were Airtree, Atlassian, Blackbird, Brighte, Culture Amp, Canva, Freelancer, Girl Geek Academy, Safety Culture, Square Peg Capital, Tech Sydney, WiseTech Global and 99designs.

Under the law, there are three ways listed by which the authorities can get industry to aid in gaining access to encrypted material. A technical assistance request (TAR) allows for voluntary help by a company; in this case, its staff would be given civil immunity from prosecution.

An interception agency can issue a technical assistance notice (TAN) to make a communications provider offer assistance.

Finally, a technical capability notice (TCN) can be issued by the attorney-general at the request of an interception agency; the communications minister of the day would also need to agree. This will force a company to help law enforcement, by building functionality.

One of the changes sought in the submission is the removal of the possibility of issuing a TCN to an individual as this was a major concern for the technology sector.

Such an individual would then face tough penalties if he or she told their fellow workers about it. "It is our understanding after consultation with Home Affairs that this is not the intention of the Act, yet we believe that removing the possibility from the legislation would do a lot to reassure the tech sector that such action will not occur," Alex McCauley, chief executive of StartupAUS, wrote.

The submission also called for narrowing the definition of who could be called a designated communications provider, pointing out that the term encompassed any provider of electronic services with one or more end-users in Australia.

"Effectively, this includes any technology provider that offers technology designed to connect to the Internet, whether or not the service is designed to support communications as a market segment," McCauley said.

The definition should be narrowed to reflect the nature of the services the government was most interested in​ - communication providers, he said.

A third change sought was the increasing of oversight and fourth was a limit on the use of the powers provided in the law.

McCauley pointed out that there was no bill of rights in Australia to act as a check on the use such powers. Given that, he said: "The government must include an objective, merits-based review to ensure consistency regarding the exercise of powers under the Act​, including further defining key terms that will draw important boundaries around the exercise of powers under the Act and root them in meaningful legal frameworks."

He added that serious offences were defined very broadly in the law. "The result of such a broad definition of serious offence is that rather than the powers under this Act being reserved as a critical measure in times of great need, they will simply fall into regular use as part of the daily toolkit of law enforcement​ , at significant cost to Australian technology companies, their customers and their products."

And McCauley added: "The definition of ‘serious crime’ should be restricted only to those crimes which are the stated target of the Act, that pose a genuine and serious threat to Australia and its citizens. Further, the ability to exercise powers in furtherance of other countries’ criminal laws should be withdrawn."


Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has high potential to be exposed to risk.

It only takes one awry email to expose an accounts payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 steps to improve your Business Cyber Security’ you will learn some simple steps you should be taking to prevent devastating malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you will learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips



iTWire can help you promote your company, services, and products.


Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments