Australian ministers to meet with Google, Apple in the name of cybersecurity
The Australian government has sent cybersecurity representatives to the United States this week, hoping to strengthen the cyber alliance between both countries and parade local cyber talent.
Minister for Law Enforcement and Cyber Security Angus Taylor, alongside Commonwealth Cyber Coordinator Alastair MacGibbon and Australian Federal Police Assistant Commissioner Neil Gaughan, are expected to this week meet with US government counterparts and senior officials in Washington, including the Department of Homeland Security and the Federal Bureau of Investigation.
The trio will also meet with representatives from PayPal, Twitter, Apple, and Google to "encourage deeper cooperation with governments to address challenges faced by law enforcement".
"It is clear that governments cannot succeed alone and must work with the private sector to drive innovation and protect our digital borders," Taylor said in a statement.
"Our engagement with the US government and global technology companies will advance our priority to develop a coordinated national cyber defence policy in 2018.
"Cyber defence capabilities are strengthened with joint cyber activities and data sharing not only between governments, but also between governments and industry, to stop emerging cyber threats."
Missing from the list of tech giants is Facebook, which is currently under global investigation following revelations information on up to 87 million users, mostly from the US, was "improperly shared" with Cambridge Analytica.
Taylor praised the passage of the Clarifying Lawful Overseas Use of Data Act by the United States Congress last week, labelling it a significant step in international law enforcement cooperation in the digital age.
"The CLOUD Act will greatly improve the efficiency of law enforcement's access to the information they need to do their job and strengthen protections of people's data, no matter where their data is held," Taylor said.
"Timely access to electronic data held by communications service providers is an essential component of government efforts to protect public safety and combat serious crime, including terrorism, child sex offences, and organised crime."
The minister believes such efforts are impeded when access to "important data held on servers overseas" is slowed down by "cumbersome processes not suited for fast-advancing communication environments". He said it also significantly delays the investigation and prosecution of serious crimes.
The CLOUD Act creates a framework for law enforcement agencies to directly access under lawful warrant data across borders. It allows bilateral agreements between the US and other countries, touted as enabling more efficient lawful access to relevant data.
The Australian government last year met with representatives from Facebook, with the social media giant schooling the politicians on cybersecurity, in particular the current threat environment. At the time, the expectation was that politicians would also learn how to enhance their security on the social network.
The meeting follows the Australian government reigniting its push to access encrypted communications in February, with Minister for Home Affairs Peter Dutton labelling "ubiquitous encryption" a "significant obstacle" to terrorism investigations.
According to Dutton, more than 90 percent of counter-terrorism targets are using encryption for communications, including for attack planning in Australia.
"Decryption takes time, a precious commodity when threats may materialise in a matter of days or even hours," he added. "Law enforcement access to encrypted communications should be on the same basis as telephone and other intercepts, in which companies provide vital and willing assistance in response to court orders."
Dutton believes companies "ought to be concerned" with the reputational harm that comes from terrorists and criminals using their encryption and social media platforms for illicit ends.
Australian Prime Minister Malcolm Turnbull, along with his then Attorney-General George Brandis, announced plans in July to introduce legislation that would force internet companies to assist law enforcement in decrypting messages sent with end-to-end encryption.
Questioning if the proposed legislation was technically possible, ZDNet asked the prime minister if the laws of mathematics would trump the laws of Australia.
"The laws of Australia prevail in Australia, I can assure you of that," Turnbull told ZDNet. "The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia."
Dutton said the Coalition still intends to introduce legislation that would force companies to bend to the government's will.
"The government is willing to work with these firms, but we will also introduce legislation to ensure companies providing communications services and devices in Australia have an obligation to assist agencies with decryption," he said. "And as a society, we should hold these companies responsible when their service is used to plan or facilitate unlawful activity."
According to the minister, the companies involved -- highlighted as ISPs, those "involved in apps", and social media giants -- have a social responsibility to ensure terrorist activity isn't conducted on their respective platforms.
As part of his trip, Taylor will also lead a delegation of 65 Australian cybersecurity representatives from 45 companies to the RSA Cyber Security Conference in San Francisco.
The minister expects the initiative will prove Australia's cybersecurity prowess and forge the country as an "international hub for cybersecurity innovation and investment".
"A strong innovation culture, excellence in research and development, robust regulation, and supportive government policies all increase Australia's appeal as a location to develop and test new cyber security solutions," Minister for Trade, Tourism and Investment Steven Ciobo added.
"There are huge opportunities to grow Australia's industry over the next decade and this visit to the US is designed to help unlock some of that potential."
The delegation is organised by Austrade and the Australian Cyber Security Growth Network (AustCyber), and includes local companies that boast expertise across a range of areas, including quantum encryption, endpoint protection, and threat intelligence.
"With the growth of new technologies, including data analytics and Internet of Things, comes new cyber threats, so we need to ensure our technology and expertise to fight cybercrime is more sophisticated than ever before," said Taylor, who last month told ZDNet the Australian government considers itself to be "world-leading" when it comes to cybersecurity.
The delegates will be joined by five cybersecurity startups currently in residency at Silicon Valley's RocketSpace technology campus as part of the government's AU$11 million startup landing pad initiative aimed at helping Australian entrepreneurs take their ideas to international markets.
A smaller delegation will also travel to Washington DC for defence industry meetings, the government said.
PREVIOUS AND RELATED COVERAGE
Australian government considers approach to cybersecurity 'world-leading'
A prime minister that understands the seriousness of cybersecurity combined with cross-government and public-private information sharing initiatives has sent Australia to the fore, according to Minister for Law Enforcement and Cyber Security Angus Taylor.
Australian government still pushing decryption magic bullet
Seven months after Prime Minister Malcolm Turnbull told ZDNet the laws of Australia will trump the laws of mathematics, Minister for Home Affairs Peter Dutton has discussed looming legislation that would force companies to help the government access communications.
Australian pollies shut down calls for transparency over data use
In the wake of the Cambridge Analytica Facebook data misuse controversy, the Australian Greens had its motion for transparency over politician data use blocked in the Senate.
Warranted access to face-matching system thrown out by Home Affairs
The Department of Home Affairs said built-in privacy safeguards are sufficient, and that the Commonwealth Bill is not intended to regulate access to the services by other agencies.
Encrypting communication: Why it's critical to do it well (TechRepublic)
It isn't just enough to know that your devices and communications are encrypted. Competently configuring encryption with secure ciphers is vital to protecting data.