New legislation would be required for Australia to qualify for a much sought-after data-sharing agreement with the US, paving the way for amendments to the controversial encryption powers, according to the Opposition.
Labor has claimed that Home Affairs Minister Peter Dutton had admitted that legislation was needed to amend the Assistance and Access Act, with the Opposition’s own amendments to be debated in the Senate on Monday.
In October last year, shadow home affairs minister Kristina Keneally wrote to Mr Dutton raising concerns that the encryption-busting powers would stand in the way of Australia securing a deal with the US under the CLOUD Act, echoing similar issues raised by US congressman Jerold Nadler.
The CLOUD Act enables the US government to sign agreements with foreign countries to allow its law enforcement agencies to directly request data from a company based there and vice versa. It would allow Australia to request data from a company like Facebook in an expedited way and without having to go through US authorities.
Mr Dutton replied to Senator Keneally’s letter in early December, seemingly confirming that the government would have to introduce new legislation to Parliament to facilitate the deal with the US.
“I am pleased Labor supports a CLOUD Act agreement….successful negotiation of a CLOUD Act agreement is one of my highest priorities. A CLOUD Act agreement will greatly improve the efficiency of Australian law enforcement’s access to the information they need to do their job,” Mr Dutton said in the letter, seen by InnovationAus.
“Australia has engaged closely with the United States from the outset of the Assistance and Access Act 2018, particularly in the context of the CLOUD Act,” Mr Dutton wrote.
“I look forward to working with Labor on progressing through Parliament implementing legislation for this agreement and would be pleased to provide a briefing on these matters upon introduction of legislation.”
Labor has latched onto the concerns surrounding the CLOUD Act and is attempting to wedge the Coalition over the issue and force the government to support its encryption legislation amendments, which introduce judicial oversight among other reforms.
“Peter Dutton himself has admitted that the government’s encryption legislation is not compliant with the US CLOUD Act and it will require legislation to fix,” Senator Keneally told InnovationAus.
“The Home Affairs minister claims a CLOUD Act agreement is one of his ‘highest priorities’ but has dragged his feet, waiting over a year to even begin negotiations with the US. During this time it’s been harder for Australian law enforcement to quickly access the vital information they need to fight crime across international borders.
“Labor will introduce amendments in the Senate to include a judicial authorisation requirement to provide assurances to the United States Congress that Australia’s laws are compatible with the US government’s CLOUD Act.”
Labor’s amendments are expected to be debated in the Senate on Monday. They may pass the Senate with support from the cross bench but will likely be voted down by the Coalition in the House of Representatives.
The Department of Home Affairs has previously denied that the encryption powers would need to be amended in order to secure a data-sharing deal.
“No issues were identified with the Assistance and Access Act that would prevent Australia from successfully negotiating a CLOUD Act bilateral agreement,” the Department said in answer to a Senate estimates question on notice.
“The Department of Home Affairs has engaged with the United States Department of Justice on the compatibility of Australian law – including the Assistance and Access Act – with the requirements of the CLOUD Act.”
The CLOUD Act outlines how domestic laws must afford “robust substantive and procedural protections for privacy and civil liberties in light of the data collection and activities of the foreign government that will be subject to the agreement”.
The encryption powers, which give authorities the ability to compel tech companies to provide access to encrypted data, could violate this clause, Deakin University senior lecturer Dr Monique Mann said.
“We have US authorities saying it is an issue then Australian authorities saying it’s not. It is very clear that under CLOUD it says you can’t have any laws that undermine or weaken encryption, and that’s exactly what the rhetoric around the amendment is,” Dr Mann told InnovationAus.
“We do have provisions around against introducing systemic vulnerabilities or weaknesses, so it depends on what we classify as any of the actual things this legislation allows and whether or not that will be compliant with the CLOUD Act limitations on nothing mandating the removal of encryption. It depends on the way they interpret it.”