In a submission to the ongoing inquiry into the law, which was passed on 6 December, FastMail chief executive Bron Gondwana said the company's customers were "deeply concerned that they cannot trust the Australian Government to properly manage, monitor and control the flow of access requests".
"They don't trust the government's technical capabilities (activities around the MyHealthRecord and Robodebt are sources for justification for this view)."
Gondwana dealt with one of the much-discussed aspects of the law — systemic weakness — by pointing that any capability in a system that was not documented, designed and tested along with the rest of the system would add a systemic weakness.
Keeping the functionality provided by any TCN was fine, he said, but the existence of the TCN should not be kept secret.
Among the changes FastMail has suggested are that companies be allowed to disclose that they have received a technical capability notice.
Elaborating, Gondwana said the secrecy requirements would place all companies, which build a trusted relationship with their customers, at risk.
"To conclude that additional capabilities built under TCN can be kept a secret, whether from staff or customers, is naive at best," he said.
"When the capability is discovered, [the law] threatens criminal penalties for acknowledging that the capability even exists. This is incompatible with best practices for computer security."
Gondwana said a reduction of foreign investment in Australian start-ups was bound to occur as nobody would want to invest in a product that could be compromised without any warning.
"We are regularly being asked by customers if we plan to move. In addition to affecting current businesses, this bill has a chilling effect on anyone who might be considering starting a business," he pointed out.
"Technology companies have a choice of location that bricks-and-mortar companies do not.
"If Australians with great ideas choose to take their intellectual property to another country, it has a negative impact both by reducing future tax revenue and by depriving the technology community in Australia of another entrant."
Soon after the law was passed, the Parliamentary Joint Committee on Intelligence and Security began a fresh review of what is officially called the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018). It is scheduled to submit a report by 3 April.