Tech sector meekly waves arms in another bid to get Oz to amend its crypto-busting laws
Rather than binning them and starting again
Comment An alliance of Australia's tech and industry advocacy groups hopes, yet again, to have the country's encryption-busting legislation tweaked before the government goes to an election no later than May.
Rather than a complete repeal of the Telecommunications (Assistance and Access) Act, the Communications Alliance-led group is asking for amendments, some proposed by the Australian Labor Party (but withdrawn to let the bill pass), that it hopes would improve citizens' protection under the legislation.
The focus seems to be "the art of the possible": there's no call for a repeal of the legislation, but rather, an extension of judicial oversight, and more defined limits on agencies' powers under the various notices permitted in the laws.
Oz opposition folds, agrees to give Australians coal in their stockings this ChristmasREAD MORE
The Australian Communications Alliance said the group wants a warrant-based system for all notices, to provide judicial consent before providers have to comply with agency notices.
The group believes the risk of accidental "backdoors" in communications systems and software would be reduced if amendments could "clearly articulate and narrow the limits of what agencies can request".
The range of offences should also be narrowed, the groups has argued.
The legislation passed last year allows agencies to demand assistance accessing the communications of subjects of investigation, if the crime under investigation has a penalty of three years' prison. The industry wants that increased to seven years, to avoid relatively minor investigations being used as the basis for an access or assistance request.
The other wishlist items are that the government consults with communications providers before requiring them to comply with notices, and that providers be able to refuse agencies' notices if they would put the provider in breach with foreign law.
The list of signatories to the submission is the Communications Alliance, the Australian Industry Group (Ai Group), the Australian Information Industry Association (AIIA), the Australian Mobile Telecommunications Association (AMTA), the Information Technology Professionals Association (ITPA) and Digital Industry Group (DIGI).
As we've previously noted, DIGI is the Australian lobby representing Facebook, Google, Twitter, Yahoo!, YouTube and others.
How do you break encryption without breaking encryption?
The Register networks correspondent isn't so sure the industry lobbies are taking the right path here.
Somehow improving the regime, whether it's making it harder to get assistance/access notices issued, warrant requirements, or restricting the kinds of investigations that can use the legislation – none of this addresses the core issue: nobody has demonstrated how you can break encryption without breaking encryption.
UK spies: You know how we said bulk device hacking would be used sparingly? Well, things have 'evolved'...READ MORE
GCHQ's November 2018 "virtual crocodile clips" proposal was hailed by some as solving the problem. In reality, it breaks encryption by stripping away trust in user authentication, rather than breaking a cipher.
"Making this bad thing a little less bad" feels at best like minimalism: a tacit admission that tech has lost the debate.
That shouldn't surprise anybody. Since the days when this publication was dubbing '90s-era communications minister Richard Alston the "biggest Luddite in history", tech has had its arguments overruled by Canberra: the NBN's fibre-to-the-home premise was gutted for the expensive "multi-technology model", movie studios can get courts to poison ISPs' DNS records in a regime expanded last year to sweep up Google, and the government's telecommunications data retention scheme happened against tech's objections.
It's hardly encouraging. ®
Sponsored: Becoming a Pragmatic Security Leader