Tuesday, 26 February 2019 05:04

FastMail fears customer exodus due to encryption law Featured

Bron Gondwana: "The mere existence of capabilities which are not documented or tested along with the rest of the system is a systemic weakness." Bron Gondwana: "The mere existence of capabilities which are not documented or tested along with the rest of the system is a systemic weakness." Courtesy FastMail

Melbourne-based secure email provider FastMail says it has begun to see existing customers leave and potential customers go to other providers, and the reason cited is the government's encryption bill.

In a submission to the ongoing inquiry into the law, which was passed on 6 December, FastMail chief executive Bron Gondwana said the company's customers were "deeply concerned that they cannot trust the Australian Government to properly manage, monitor and control the flow of access requests".

"They don't trust the government's technical capabilities (activities around the MyHealthRecord and Robodebt are sources for justification for this view)."

Gondwana dealt with one of the much-discussed aspects of the law — systemic weakness — by pointing that any capability in a system that was not documented, designed and tested along with the rest of the system would add a systemic weakness.

This was "especially when those capabilities involve security and access control", he added.

Keeping the functionality provided by any TCN was fine, he said, but the existence of the TCN should not be kept secret.

Among the changes FastMail has suggested are that companies be allowed to disclose that they have received a technical capability notice.

Elaborating, Gondwana said the secrecy requirements would place all companies, which build a trusted relationship with their customers, at risk.

"To conclude that additional capabilities built under TCN can be kept a secret, whether from staff or customers, is naive at best," he said.

"When the capability is discovered, [the law] threatens criminal penalties for acknowledging that the capability even exists. This is incompatible with best practices for computer security."

Gondwana said a reduction of foreign investment in Australian start-ups was bound to occur as nobody would want to invest in a product that could be compromised without any warning.

"We are regularly being asked by customers if we plan to move. In addition to affecting current businesses, this bill has a chilling effect on anyone who might be considering starting a business," he pointed out.

"Technology companies have a choice of location that bricks-and-mortar companies do not.

"If Australians with great ideas choose to take their intellectual property to another country, it has a negative impact both by reducing future tax revenue and by depriving the technology community in Australia of another entrant."

Soon after the law was passed, the Parliamentary Joint Committee on Intelligence and Security began a fresh review of what is officially called the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018). It is scheduled to submit a report by 3 April.


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments