Wednesday, 20 March 2019 05:12

Only politicians get exemption from encryption law Featured

By
Only politicians get exemption from encryption law Image by Glen Smith from Pixabay

The Federal Government's encryption law spreads its net far and wide in society, but exempts one class of person — politicians — from its tentacles, according to an analysis of the law by lawyer and consultant Matthew Shearing.

"This Bill (which is now law) has a number of small but powerful provisions tucked away in its 220 pages – but none might raise more eyebrows than the provision regarding members of Parliament," Shearing pointed out in his analysis which came to iTWire's notice after InnovationAus editor James Riley mentioned it.

"While the rest of the Australia (and in many cases, the world) is subject to the new legislation, the only people who are expressly excluded from everything in the Bill are the very people who rushed it through Parliament in the first place – the politicians."

And in a sarcastic aside, he added: "It’s not a big deal though – it’s common knowledge that our politicians are the most trustworthy and transparent of anyone in our society. I, for one, am glad they have blanket immunity."

A great deal of Shearing's analysis of the bill covers well-worn paths with the difference being that he has used plain English unlike some pundits who have laid claim to tell people "everything you wanted to know about the Assistance and Access bill".

Shearing mentions the danger that the law poses to the technology industry in Australia many times.

"If I was advising an international company on this Bill, I’d say they must assume that any data originating in Australia is being routed via Australian intelligence servers," he wrote.

"I’d also say there’s a the much higher chance that Australian software will be breached by hackers and malicious actors. I suspect many experts will recommend avoiding Australian software and staff altogether – which some organisations have already begun doing.

"This is tough, because most Australian companies probably haven’t been served with a notice yet.

"Business, however, is cold and pragmatic, and there’s little room for doubt when you’re talking about data security. It’s entirely possible that, when weighing options for service agreements or software development, one of the first questions asked will be 'Who has an Australian presence?'

"Much in the same way that low university grades are filtered out of job application processes early, being ‘Australian made‘ may get you automatically removed from shortlists quicker than you can say 'there should have been a referendum on this'.“

Also listed in his analysis are a number of measures that can be taken to minimise the impact of the law. One that Shearing cites is, "Wherever possible, put measures in place to monitor your software for unauthorised alterations and suspicious activity from your employees.

"The Bill gives authorities the power to compel employees to make changes without the knowledge or involvement of anyone else in a company. If you’re unaware of the existence of a notice, you must treat any unauthorised alterations as a cyber attack and deal with it accordingly."

And his advice to international firms does not sound good for Australia. "If you’re an international company, seriously consider if you still want to do business in Australia. You may save a lot of time and money by simply excluding Australia from your business until our government comes to their senses. How overseas companies will interact with this Bill (and what they can be forced to do) is still something that requires further thought and will probably form a Part 2 of this article."

An inquiry is now underway into the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 by the Parliamentary Joint Committee on Intelligence and Security. The PJCIS is expected to submit a report to government by 3 April.

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has high potential to be exposed to risk.

It only takes one awry email to expose an accounts payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 steps to improve your Business Cyber Security’ you will learn some simple steps you should be taking to prevent devastating malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you will learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments