Friday, 01 February 2019 05:57

Encryption law: definition of a computer is rather broad, say academics Featured

By
Encryption law: definition of a computer is rather broad, say academics Pixabay

The debate over the Federal Government's recently passed encryption law is dead serious for the most part, but Melbourne University academics Dr Chris Culnane and Associate Professor Vanessa Teague found something to laugh at in the way the legislation has defined the word "computer".

In a submission to the fresh review that is taking place on the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018, Culnane and Teague, who made detailed submissions to the Parliamentary Joint Committee on Intelligence and Security last year, claimed that the definition of 'computer' which had been added to the Surveillance Devices Act was "just funny".

"[According to] 36 Subsection 6(1) (definition of computer) computer means all or part of:

  • "(a) one or more computers; or
  • "(b) one or more computer systems; or
  • "(c) one or more computer networks; or
  • "(d) any combination of the above," they said.

And they added: "So 'computer' could mean 'all or part of one or more computers', which could mean 'all or part of one or more (all or part of one or more computers)s' which could mean 'all or part of one or more (all or part of one or more (all or part of one or more computer networks)s)s, which could mean 'all or part of one or more (all or part of one or more (all or part of one or more (all or part of one or more computer system)s networks)s)s', which could go on forever without telling us much about what 'computer' means."

Culnane and Teague said it could also be interpreted to mean anything on the same network of networks, "which would mean a 'computer access warrant' covers anything on the Internet".

"Next time the Australian parliament chooses to interfere with the most complex logical systems that have ever been devised, we recommend giving at least one computer scientist the opportunity to read the legislation before it is passed through both houses of parliament," they added.

But their submission was not limited to jocularity, also pointing out what they termed were "two examples that show that this legislation is draconian in its provisions and nonsensical in its drafting".

One of these, they said, was the definition of the term "systemic weakness". The definition added the law reads: "systemic weakness means a weakness that affects a whole class of technology, but does not include a weakness that is selectively introduced to one or more target technologies that are connected with a particular person."

Culnane and Teague said this allowed "law enforcement to demand modifications that undermine the cyber security of millions of people, as long as something less than 'a whole class of technology' is affected. It addresses concerns about others' security by simply defining the issue away".

A second point they raised concerned forcing a person with knowledge of a computer system to compulsorily assist in an investigation.

"A person who refuses to assist can be jailed for five years. A similar provision now added to the Surveillance Devices Act (2004) allows the innocent person to be jailed for 10 years. There is no exclusion for jeopardising the information or security of others," the two academics pointed out.

"We would like to know whether any MP or Senator stood up in Parliament and seriously advocated jailing innocent Australian technologists, mathematicians, or engineers for refusing to undermine the security of critical Australian infrastructure.

"We are not lawyers, and have heard some more expert legal scholars say that this is probably not the way this clause was intended. If that is the case, it should be repealed and replaced with something that more closely resembles what the MPs of a democracy should support."

The encryption bill became law on 6 December but just 12 days later, the PJCIS said it would begin a fresh review.

The new review has asked for submissions and will submit a report by 3 April.

BUSINESS WORKS BETTER WITH WINDOWS 1O. MAKE THE SHIFT

You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer

Timezones

QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.

REGISTER!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments