Pres­sure to keep peace puts our se­cu­rity at risk

The Sunday Telegraph (Sydney) - - NEWS - MI­RANDA DEVINE

NEVER ask po­lice and in­tel­li­gence agen­cies if they want more power be­cause they will al­ways say yes. That’s their job.

But the job of a demo­crat­i­cally elected govern­ment is to bal­ance that au­thor­i­tar­ian im­pulse with the rights of cit­i­zens in a free so­ci­ety.

And that is where the Turn­bull-Mor­ri­son govern­ment has failed mis­er­ably with new cy­ber se­cu­rity laws be­fore par­lia­ment.

Osten­si­bly aimed at pro­tect­ing us from crime and ter­ror­ism, they ex­pose Aus­tralians to shock­ing se­cu­rity breaches and Or­wellian state sur­veil­lance while ac­tu­ally mak­ing us less safe, ac­cord­ing to ev­ery ma­jor tech com­pany and IT pro­fes­sional who has re­viewed the leg­is­la­tion.

The As­sis­tance and Ac­cess Bill 2018, cur­rently be­fore a par­lia­men­tary com­mit­tee, is an ex­tra­or­di­nary ex­pan­sion of the sur­veil­lance state.

It would, for in­stance, al­low the govern­ment to or­der the mak­ers of smarthome speak­ers to “in­stall per­sis­tent eaves­drop­ping ca­pa­bil­i­ties into a per­son’s home, re­quire a provider to mon­i­tor the health data of its cus­tomers for in­di­ca­tions of drug use, or re­quire the de­vel­op­ment of a tool that can un­lock a par­tic­u­lar user’s de­vice re­gard­less of whether such tool could be used to un­lock ev­ery other user’s de­vice as well, ” Ap­ple warns in a sub­mis­sion op­pos­ing the bill.

It will force tech com­pa­nies and tel­cos to in­sert a “back door” — a sys­temic vul­ner­a­bil­ity — into all en­crypted sys­tems, so the govern­ment can ac­cess every­one’s pri­vate com­mu­ni­ca­tions.

In­stead of tar­get­ing crim­i­nals, the govern­ment will hoover up all com­mu­ni­ca­tions in the hope they will find some­one do­ing wrong. And, un­like sur­veil­lance laws around the world, this bill re­quires no ju­di­cial over­sight.

ASIO, ASIS, the Aus­tralian Sig­nals Direc­torate, Fed­eral Po­lice and state po­lice forces and bu­reau­crats in Peter Dut­ton’s mega De­part­ment of Home Af­fairs, act­ing in se­cret and with­out over­sight from the courts, would be able to force com­pa­nies to com­pro­mise their prod­ucts to gain ac­cess to any data they want, as well as ac­cess data of other govern­ments.

The bill will af­fect ev­ery Aus­tralian who uses tech­nol­ogy. Your smart­phone con­tains a chip that en­crypts your data. Your health records, on­line bank­ing, credit card trans­ac­tions, the fam­ily pho­tos you up­load to the cloud — all are en­crypted. More than one tril­lion trans­ac­tions oc­cur ev­ery day over the in­ter­net as a re­sult of en­crypted com­mu­ni­ca­tions. This bill gives the govern­ment ac­cess to the lot.

Per­versely, the law is also likely to help wrong­do­ers, say IT pro­fes­sion­als. Cy­ber crim­i­nals and ter­ror­ists will be able use that back door.

“If you put a back door into any­thing you want to keep se­cret, your en­e­mies will fig­ure out a way of get­ting in,” says one ex­pert.

Weak­en­ing en­cryp­tion, as this bill would do, risks at­tacks on vi­tal in­fra­struc­ture, such as power grids and trans­porta­tion hubs, warns Ap­ple.

Last week, Dut­ton att- acked Big Tech for op­pos­ing the bill, say­ing Google and Face­book were tax dodgers who had to de­cide whether or not they were on the side of or­gan­ised crime.

While he claims the leg­is­la­tion will not re­quire the pro­vi­sion of back doors, Ap­ple de­scribes it as “dan­ger­ously am­bigu­ous” on that score.

Last week, the In­spec­torGen­eral of In­tel­li­gence and Se­cu­rity, the over­sight body for the in­tel­li­gence ser­vices, agreed. In an ex­tra­or­di­nary 50-page list of con­cerns about the bill, IGIS said it con­tains a “loop­hole” which would ef­fec­tively com­pel IT providers to cre­ate “vol­un­tary” back doors.

One IT pro­fes­sional who has an­a­lysed the 137 pages of leg­is­la­tion says it will dec­i­mate the $3 bil­lion Aus­tralian en­cryp­tion in­dus­try and force com­pa­nies to move over­seas.

“These com­pa­nies will never again be able to con­vince their over­seas cus­tomers that their prod­ucts are se­cure and don’t ex­pose user data to snoop­ing by the Aus­tralian Govern­ment or one of its al­lies,” he says.

The leg­is­la­tion would wreak the same dam­age on Aus­tralian com­pa­nies as did the govern­ment’s ban on Huawei, on the ba­sis that its prod- ucts had been com­pro­mised by the Chi­nese govern­ment. The de­ci­sion cost Huawei tens of bil­lions in sales.

It is trou­bling that Au­gust’s lead­er­ship coup meant the govern­ment took its eye off this leg­is­la­tion. An­gus Tay­lor was Min­is­ter for Cy­ber se­cu­rity and un­veiled the draft bill one week be­fore he re­signed as a pre­lude to the re­moval of Mal­colm Turn­bull. In Scott Mor­ri­son’s reshuf­fle, Dut­ton was given re­spon­si­bil­ity for cy­ber se­cu­rity.

Dut­ton must now heed the warn­ings that this mis­guided, mud­dled leg­is­la­tion will cause more harm than good.

The nup­tials at Wind­sor Cas­tle of Jack Brooks­bank and Princess Eu­ge­nie proved a rat­ings bo­nanza for the Seven net­work. Pic­ture: Danny Law­son/AP

Newspapers in English

Newspapers from Australia

© PressReader. All rights reserved.