The federal government’s highly controversial new encryption-busting powers have been used at least 25 times since they came into effect a year ago.
A Home Affairs’ annual report on telecommunications intercepts has revealed that laws were used seven times in the period from its passage through the Parliament in late 2018 up to the end of the last financial year.
But the answer to a Senate Estimates’ question on notice has further revealed that the controversial laws were used 18 more times in the four months to November 2018.
The Assistance and Access Act, passed in late 2018, gives Australian authorities and agencies the power to compel technology companies and their employees to provide access to encrypted data.
Under a technical assistance request, tech companies can be asked to voluntary help using existing capabilities, while technical assistance notices and technical capability notices compel them to provide help and to build new technical capabilities that will provide that access.
The Assistance and Access Act has been widely criticised for undermining the security of encryption, and for the potential for misuse and abuse of the new powers.
The Home Affairs department’s annual report on the Telecommunications (Interception and Access) Act 1979 has revealed that the new powers had been used seven times in the months up to July 2019. They were used five times by the Australian Federal Police and twice by New South Wales Police.
Each of the uses of the new law were through technical assistance requests, meaning the companies were voluntarily asked to help.
But in an answer to a Senate Estimates question on notice, Home Affairs further revealed that as of November last year, 25 technical assistance requests had been issued by three agencies. It did not say which agencies had made the requests or for what alleged offence.
That means that 18 technical assistance requests were issued in the second half of last year.
The annual report revealed the encryption powers had been utilised for cybercrime offences, a homicide, an illicit drug offence, organised crime offences, theft and telecommunications offences.
After supporting the encryption powers unamended in late 2018, Labor has since introduced amendments to Parliament which is expected to be debated next week.
The amendments include the introduction of judicial oversight, with the Opposition raising concerns that Australia won’t qualify for a data-sharing agreement with the US due to the laws.
The tech sector has railed against the powers, saying they have had a negative impact on Australia’s reputation and have made it less likely that companies would conduct development operations in Australia.
According to a survey conducted by InnovationAus in partnership with the Communications Alliance, StartupAUS and the Information Technology Professionals Association (ITPA), more than half of respondents said the legislation had a “very negative” impact on Australia’s reputation, and a further 44 per cent said it had a “somewhat negative” impact.
More than 60 per cent of respondents said they had customers who have expressed concerns about the impact of the laws, while 40 percent reported they had lost sales either locally or in export markets as a direct result of them.
The passing of the encryption bill was a “body blow” for the local tech sector, shadow innovation minister Clare O’Neil said late last year, while shadow assistant minister for cybersecurity Tim Watts said the passing of the powers was a failure all round.
“It was a failure of parliamentary process, a failure of bipartisanship on national security and a failure of the Morrison government to keep its word. Since then, Australia’s technology sector, particularly our cyber security sector, has been paying the price of these failures. Labor is acting to right these wrongs,” Mr Watts said last year.
Labor’s amendments to the Assistance and Access Act are set to be debated in the Senate next week.