A coalition of major telco and tech associations has called for a series of significant changes to the government’s highly controversial encryption bill following the farcical events around its passing during the last sitting day of 2018.
The bill, which gives agencies new powers to compel tech companies to provide access to encrypted data through a range of methods, was passed with bipartisan support in early December, despite a slew of Labor MPs publicly criticising it.
The legislation’s passage shocked and angered the Australian tech sector, with fears it will undermine encryption as a whole and put local companies looking to export products overseas at a severe disadvantage.
The Parliamentary Joint Committee on Intelligence and Security is continuing its inquiry into the bill despite it already passing, and a joint submission from a range of prominent players in the industry has called for a series of major amendments.
The Communications Alliance, AI Group, Australian Information Industry Association, Australian Mobile Telecommunications Association, Information Technology Professionals Association (ITPA) and DIGI’s submission argues the issuing of notices to tech companies needs to have judicial oversight, stronger limitations on the issuing of these notices, and better definitions of the new powers.
“As was manifestly clear in the lead-up to the relevant sittings of the House of Representatives and the Senate, the government amendments were drafted in haste in an overnight session and were distributed only in the early hours of 6 December. Almost inevitably there remain, in our view, significant problems with the amendments and other elements of the legislation,” the submission said.
“Many of the amendments are difficult to understand or interpret, appear unlikely to remedy the problems identified by industry and / or exhibit omissions which need to be addressed.”
The group may have to wait until after this year’s federal election though, with the Coalition appearing unwilling to make any significant changes to the legislation.
Top of the list for the groups is for a warrant-based system with judicial oversight to oversee the issuing of technical assistance notices and technical capability notices.
“It is only appropriate that the far-reaching powers granted by the legislation are supervised by an eligible judge. The fact that a person has been given the authority to issue a warrant does not guarantee sufficient oversight and / or independence in this context and must, therefore, be complemented by judicial consent,” the groups said.
The coalition of industry groups are supportive of the amendment on this issue moved by the Opposition but ultimately scrapped. Labor will be looking to move this amendment again during the first sitting weeks of this year, and if it wins the upcoming federal election.
The groups have also argued that the legislation’s working definitions of “systemic weakness” and “target technology” should be scrapped in favour of a statement outlining the prohibited effects of a notice.
Other amendments pushed for by the groups include raising the threshold for use of the notices to crimes with associated jail time of at least seven years, stronger consultation requirements and requirements ensuring that the legislation “does not weaken existing cybersecurity structures, that it balances security and privacy considerations and minimises unintended consequences”.
The submission said the amendments should be introduced “as soon as possible” and before the statutory review of the legislation.
ITPA director Robert Hudson said the current legislation “shows a blatant disregard for and misunderstanding of how the internet works” and it will “almost certainly not prevent a single act of terrorism”.
“Instead, the privacy and security of law-abiding citizens is now almost certain to be compromised for commercial, criminal or other non-legitimate purposes as tools prove to be as useful as a chocolate teapot for the purpose they were developed for, and instead are released or leaked into the hands of those who would do us harm,” Mr Hudson said.
When announcing it would be voting in favour of the contentious legislation late last year, the Opposition said it would be moving a series of further amendments early this year. But it did not have an agreement in place with the government for approval of these amendments, and home affairs minister Peter Dutton appears unwilling to support any major changes to the bill.
“We’ll entertain amendments that are consistent with the joint recommendations from that committee. We’re not going beyond that. Labor can try to water it down through whatever means they like… but we’ve been very clear,” Mr Dutton said in December.
Shadow digital economy minister Ed Husic has flagged Labor’s intent to move further amendments to the legislation if it wins the upcoming federal election.
“It’s something we have to do. The government refuses to have a serious judicial oversight mechanism. We could have a dedicated judge with a well-resourced team that could assess applications received. At the moment we have a combination of either ministers considering those applications or a retired judge. With all due respect I think a system as sensitive as this involving encryption needs much more substantive measures than what the government will allow,” Mr Husic told InnovationAus.com in December.