IA — a not-for-profit organisation representing Internet users — says it is deeply concerned with the exposure draft of the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill by the Department of Home Affairs – and the short four-week period permitted for public comments and analysis.
“We recognise that law enforcement has a legitimate desire to access and view information transmitted across telecommunications networks by serious criminals, and that often these messages are encrypted in some form, as Internet application developers enhance the security and confidentiality of their services,” the IA chair Dr Paul Brooks said on Wednesday.
“However the government needs to recognise the clear potential dangers to the security and privacy of ordinary Australians which this legislation, in its current form, poses.”
According to Dr Brooks, the draft legislation “clearly needs further work before it can be seriously considered to be fit for purpose”.
“A back-door into devices is still a back-door.
“Law enforcement are seeking expanded powers to issue requirements and instructions directly to manufacturers and distributers of all communications devices – mobile phones, landline phones, broadband modems, printers, smart TVs, the new crop of voice-enabled home assistants. Everything is captured.
“Further, these powers appear to permit the government to instruct the device manufacturer to actively change how the device functions, to add or subtract functionality. These new powers go far beyond merely gaining access to messages.”
IA and the global Internet Society say they will shine a light on the proposed encryption law when they jointly hold an open Experts Session on Encryption at Parliament House in Canberra on 20 August, with international experts from MIT, Mozilla, the IAB, as well as Australian experts in attendance.
Telco industry lobby group Communications Alliance has welcomed release of the draft encrption law and CEO John Stanton says it will take some time to get a clear picture as to what is being proposed and whether the draft legislation is practical and provides "sufficient clarity to allow our industry to implement the new regime in the relevant timeframes envisaged by the law".
CA chief executive John Stanton says the industry is currently working through details of the “complex piece of legislation” and “looking for ways in which it might be improved and understanding the implications of the new rules for our industry”.
CA notes that the draft Assistance and Access Bill extends significantly the reach of government and its agencies and the types of assistance that can be requested or required from telecommunications players in Australia or companies providing communications products and services to Australia from offshore.
In his analysis of the draft law, iTWire's Sam Varghese wrote on Tuesday that the Australian Government has "left open the door for enforcement agencies to use specific cracks to gain access to encrypted communications on specific devices, given the language it has used in a draft of a new cyber law".
"There has been much speculation over the last year about what Canberra would do with regard to encryption. The draft law issued on Tuesday indicates that no foolhardy attempt will be made to insert generic backdoors."