Australian industry and tech groups unite to fight encryption-busting Bill

The new mega-group has called on Canberra to ditch its push to force technology companies to help break into their own systems.
Written by Chris Duckett, Contributor

A new group calling itself Alliance for a Safe and Secure Internet has been formed by Australian industry, technology, and human rights groups to persuade Canberra to ditch its encryption-busting Bill.

The Bill is currently before the Parliamentary Joint Committee on Intelligence and Security, with a minuscule three-week window for submissions closing on Friday, October 12 and a hearing set for Friday, October 19.

The proposed legislation would allow the nation's police and anti-corruption forces to ask, before forcing, internet companies, telcos, messaging providers, or anyone deemed necessary, to break into whatever content interception agencies want access to.

"This Bill stands to have a huge impact on millions of Australians, so it is crucial that lawmakers reject this proposal in its present form before we sleepwalk into a digital dystopia," said board member of Digital Rights Watch and alliance spokesperson Lizzie O'Shea.

"The rushed processes coupled with the lack of transparency can only mean that expert opinions from Australia and abroad are being disregarded, and deep concerns about privacy erosion and lack of judicial review have simply been tossed aside."

The membership of the new alliance consists of Australian Communications Consumer Action Network, Access Now, Ai Group, Australian Information Industry Association, Amnesty International Australia, AMTA, Blueprint for Free Speech, members of Communications Alliance sans NBN, DIGI, Digital Rights Watch, Future Wise, Hack for Privacy, Human Rights Law Centre, Internet Australia, IoT Alliance Australia, and Liberty Victoria.

"The scope of this legislation sets a disturbing first-world benchmark and poses real threats to the cybersecurity and privacy rights of all Australians," Communications Alliance CEO and alliance spokesperson John Stanton said.

Also read: The race to ruin the internet is upon us

Speaking last month, Stanton said the encryption-busting legislation set a new benchmark for outrageous and cheeky legislation.

"You almost have to congratulate them about the way that they have constructed the elements of this legislation, which, when you view each of them on their own, looking concerning, [and] when you combine them, definitely scary," Stanton said at the time.

"When you think about the scope of the Bill, where it expands on an unholy trinity of how many agencies can take advantage of the powers of the legislation, how many players in Australia and abroad that it seeks to direct and control, and the virtually unlimited scope of the acts that it can require to be undertaken -- that really is breathtaking, I think.

"And when you look into those acts about the potential to remove electronic protection, to give up source code, to install software to create systemic weaknesses in devices, that really opens up a Pandora's box."

See: Australia's anti-encryption law will merely relocate the backdoors

Ten days after releasing its draft legislation, the government rushed its encryption-busting Bill into the House of Representatives with a number of changes.

Patrick Fair, partner at law firm Baker McKenzie, told ZDNet at the time that the changes were a step forward, but failed to take the concerns expressed by the technical community into account.

Fair said a list of criteria added to the Bill -- against which those issuing compulsory notices need to have regard of, including the "legitimate expectations of the Australian community relating to privacy and cybersecurity" -- was so broad that it would now be harder for a service provider to say compliance is costly and risky, than it was before. But even disputing a decision is going to be hard.

"The way they've set it up, it's an administrative decision by a government decision maker, so it's not something that is easy to overturn, probably," he said.

Related Coverage

Encryption Bill sent to joint committee with three week submission window

Fresh from rushing the legislation into Parliament, the government will ram its legislation through the Parliamentary Joint Committee on Intelligence and Security.

Home Affairs makes changes to encryption Bill without addressing main concerns

Services providers now have a defence to use if they are required to violate the law of another nation, and the public revenue protection clause has been removed.

Internet Architecture Board warns Australian encryption-busting laws could fragment the internet

Industry groups, associations, and people that know what they are talking about, line up to warn of drawbacks from Canberra's proposed Assistance and Access Bill.

Australia's anti-encryption law will merely relocate the backdoors: Expert

If the Assistance and Access Bill becomes law as it stands, it could affect 'every website that is accessible from Australia' with relatively few constraints in the government's powers.

Five Eyes governments get even tougher on encryption

Official statements from the Five Country Ministerial meeting make it clear: Voluntarily build lawful access into encrypted messaging systems, or else. It's not a good look.

Editorial standards