Digital and civil rights’ push for CLOUD Act changes

Denham Sadler
National Affairs Editor

Australian civil and digital rights and legal groups have met with the US government to discuss the proposed expedited data-sharing deal between the two nations and push for better privacy and transparency protections.

The Australian government is currently in negotiations with the US to secure an agreement under the CLOUD Act, which would allow local authorities to request data from companies based in the other country without going through their counterparts, speeding up the process.

In order to secure such a deal, the US government requires that a country meet a number of privacy and civil rights benchmarks.

The Australian government had aimed to pass the necessary legislation, centred on international production orders, by the end of last month, but failed to do so. The legislation is still subject of a Parliamentary Joint Committee on Intelligence and Security inquiry.

Monique Mann
Monique Mann: A digital and civil rights push-back on CLOUD Act

On Wednesday, representatives from the US Department of Justice and Department of State met with Australian digital rights, civil rights and legal experts to discuss aspects of the CLOUD Act and how it interacts with other Australian laws, such as the controversial anti-encryption powers.

On Thursday, the US government will meet with their American counterparts to discuss similar local issues.

The Legal Council of Australia, Deakin University lecturer Dr Monique Mann, the Open Institute and the Australian Privacy Foundation, among others, were each given five minutes each to discuss certain issues surrounding Australia landing a CLOUD Act deal.

The meetings are a chance for these organisations to make the case for better privacy protections and transparency in the agreement, Dr Mann said, and to push for better provisions in law in Australia.

“Because we have such a weak framework here, this provides an opportunity to strengthen some of the things that are so weak with Australian domestic law, in particular TOLA and the control orders,” Dr Mann told InnovationAus.

“If the US government can actually use this process in a way that leverages or creates some reflections from the Australian government perspective in terms of some problematic provisions in the domestic regime, given the absence of a human rights framework, they have to raise the standard a little bit.”

The only CLOUD Act agreement signed so far by the US has been with the UK government. Special procedures were implemented on both sides, for the US in terms of a crime subject to the death penalty, and in the UK in terms of press freedom.

Significant issues raised by those in attendance included the politicians within the Administrative Appeals Tribunal, which will be overseeing the IPO (international production order) regime, a lack of transparency surrounding the bill and the absence of an overarching human rights framework in Australia.

Dr Mann specifically raised concerns with how a CLOUD Act deal would interact with the encryption laws passed by Australia at the end of 2018 and the control orders regime, and the targeting of Australian journalists.

“There’s a curious interaction with TOLA, where there’s the potential to combine a TOLA or TCN with something like an IPO request. A US company could not only access content through an agreement but could also undermine encryption in the process,” Dr Mann said.

“That’s contrary to what we have in the prior requirements and contrary to robust human rights-respecting regimes.”

The potential combination of a CLOUD Act request with Australia’s control orders means the threshold for issuing an international production order should be raised.

“Under the IPO, the Australian government will be able to use that to monitor people subject to a control order even though they may not have committed or are suspected of committing a criminal offence. That raises some questions about the threshold of serious crime under the CLOUD Act,” she said.

Dr Mann also raised concerns over the potential for journalists to be targeted by an IPO, and how this is compatible with America’s First Amendment protections.

“The Australian government has an atrocious record of going after journalists to get their sources under the guide of national security and using law enforcement and intelligence powers to do so,” Dr Mann said.

“I don’t agree with the metadata retention laws and a lot of criticism about the nature of warrants in the regime, but that could be one possible model to consider for enhanced protections for journalists. Everyone should be afforded the same protections but journalists do have greater public interest.”

The Coalition had previously said it was “vital” for the legislation facilitating the CLOUD Act deal to be passed by Parliament during the winter sittings but failed to do so. The Department of Home Affairs has said it is continuing to negotiate with the US government to secure a data-sharing deal.

Do you know more? Contact James Riley via Email.

Leave a Comment

Related stories