Skip to main content

Contentious privacy legislation recently passed in Australia

Image Credit: Flickr / Book Catalog

In early December 2018, privacy-conscious Australians were shocked to learn that their elected Members of Parliament voted to pass the highly controversial Access and Assistance Bill.

Days before the Parliament met to vote on this law, which many people did not think would pass based on how hastily it was drafted and introduced, Twitter commentary tagged with #AABill intensified.

Despite what appeared to be great public opposition to the #AABill, there were credible fears about a blindside approval of the law, similar to the shock some American voters faced in 2016 when, in United States, Donald Trump unexpectedly won the election.

The Access and Assistance Bill focuses on encrypted communications; in essence, it empowers law enforcement agents to compel Australians to unlock their smartphones and other personal computing devices. Taking a closer look at the #AABill, there are greater issues at stake.

First of all, the law also extends to visitors, which means that tourists can now be forced to turn over their mobile devices at airports and seaports. Second, there are serious concerns about the government's ability to install backdoor systems into personal computing devices and even cloud computing platforms for the purpose of defeating encryption and intercepting personal communications.

How personal data privacy is affected by the bill

Under the guise of protecting Australians from terrorism threats, Members of Parliament have effectively passed a bill that bypasses the traditional due process of obtaining warrants to access digital communications.

Instead of judicial oversight, police and intelligence officers will be able to invoke a new legal instrument called a Technical Capability Notice, which is intended to break the encryption functionality offered as a security feature in apps such as WhatsApp, Facebook Messenger, Signal, and others.

Armed with a Technical Capability Notice, law enforcement agents would be able to bypass Australian courts and force tech companies to assist them with decryption.

Aside from messaging apps, email software, virtually any application that features encryption - including Windows BitLocker - falls under the purview of the #AABill.

What Australians can do to fight the #AABill

There is no question that we are living in ideologically polarising times. Brexit, the Trump election, the rise of the Islamic State, and the multiple Facebook data privacy scandals of the last few years are developments that cannot be ignored.

There is also the rise of political extremism in Europe as well as a shift in ideological sentiment in Australia, a country where data encryption was strongly supported a little over a decade ago, but has started to erode in recent years.

The growing use of virtual private network technology (VPN) in Australia is proof that people are rightfully concerned about data privacy and secured digital communications. Intended to be used in conjunction with your ISP, many VPN services offer a free trial so that users test before you buy basis, which you should take advantage of because not all are created equal.

The danger of similar laws being enacted elsewhere

Even though the #AABill is a domestic law, privacy advocates around the world are worried that it may set off a domino effect, particularly among the intelligence alliance known as the Five Eyes.

In 2013, when American espionage contractor Edward Snowden revealed the global reach of the mass surveillance conducted by the National Security Agency, the world learned about the Five Eyes alliance, which is comprised of Australia, Canada, New Zealand, the United States, and the United Kingdom.

Now we know that these five nations have similar interests in terms of mass intelligence gathering even if it goes against the principles of privacy that the Western world is widely believed to defend.

Senator Jordon Steele-John of Western Australia, a politician aligned with the Greens, has been strongly opposed to the #AABill, which he compared it to giving U.S. President Donald Trump an opportunity to read email messages over the shoulders of Australians.

Senator Steele-John has a point: laws that are intended to weaken data encryption tend to backfire through cybercrime and diminished security. Information security experts in the U.S. have maintained that installing backdoor systems is a slippery slope because such systems can be compromised. In other words, it will not take much effort on China's part, for example, to take over a backdoor installed by Australian agents.

Riana Pfefferkorn, the Associate Director of Surveillance and Cybersecurity at the Stanford Center for Internet and Society, recently testified before Australia's Parliamentary Joint Committee on Intelligence and Security (PJCIS) regarding the proposed Assistance and Access Bill to fight the bill on behalf of Aussies.

“It is not clear whether the alarmingly broad powers it seeks for Australian agencies are really called for. What are the specific problems this Bill is trying to solve, and how big are those problems? Do they merit the serious trade-offs to multiple crucial interests that the Bill would entail if passed as-is?” - Professor Pfefferkorn’s testimony

And the rank and file Australian citizens are getting nervous.

Ever since the Snowden revelations of 2013, more people have been paying attention to privacy protections suggested by advocacy groups like Privacy Australia, whose founder, Lucas Johnson, says traffic to his site has increased considerably in recent months with the proposition and passage of the #AABill.

Learning from the past - or no

Senator Penny Wong from the ‎Labour Party, one of the supporters of the #AABill, has stated that she is not concerned about foreign governments losing faith in Australian products and services because of the new law. With all due respect to Senator Wong, she may be missing the point.

Chinese telecom giant Huawei, for example, was banned from providing equipment to NBN and Telstra because that nation is suspected to install backdoor systems. What would prevent a privacy-conscious nation such as Spain, for example, from no longer purchasing defence and telecommunications equipment made in Australia?

Now that the world knows that the government can freely install backdoor systems, keyloggers and even malware, the technology sector in Australia shouldn’t be surprised if it suffers financial consequences.

The bottom line

Encryption technology was developed for the purpose of keeping data safe. It might not be too much of a stretch to consider the #AABill a threat to democracy.

Don’t be surprised when technology companies based in Australia start migrating their operations overseas in search of jurisdictions where the laws do not allow government agents to install backdoor systems or compel them to intrude upon their networks.

In the end, it is important to note that many other countries see Australia as a democratic system that should be emulated.

Other leaders of democratic nations have not yet signalled an intention to introduce measures such as the #AABill in the U.S., but that could be on the horizon.

Sam Bocetta, freelance journalist
Image Credit: Flickr / Book Catalog