Pressure to keep peace puts our security at risk
NEVER ask police and intelligence agencies if they want more power because they will always say yes. That’s their job.
But the job of a democratically elected government is to balance that authoritarian impulse with the rights of citizens in a free society.
And that is where the Turnbull-Morrison government has failed miserably with new cyber security laws before parliament.
Ostensibly aimed at protecting us from crime and terrorism, they expose Australians to shocking security breaches and Orwellian state surveillance while actually making us less safe, according to every major tech company and IT professional who has reviewed the legislation.
The Assistance and Access Bill 2018, currently before a parliamentary committee, is an extraordinary expansion of the surveillance state.
It would, for instance, allow the government to order the makers of smarthome speakers to “install persistent eavesdropping capabilities into a person’s home, require a provider to monitor the health data of its customers for indications of drug use, or require the development of a tool that can unlock a particular user’s device regardless of whether such tool could be used to unlock every other user’s device as well, ” Apple warns in a submission opposing the bill.
It will force tech companies and telcos to insert a “back door” — a systemic vulnerability — into all encrypted systems, so the government can access everyone’s private communications.
Instead of targeting criminals, the government will hoover up all communications in the hope they will find someone doing wrong. And, unlike surveillance laws around the world, this bill requires no judicial oversight.
ASIO, ASIS, the Australian Signals Directorate, Federal Police and state police forces and bureaucrats in Peter Dutton’s mega Department of Home Affairs, acting in secret and without oversight from the courts, would be able to force companies to compromise their products to gain access to any data they want, as well as access data of other governments.
The bill will affect every Australian who uses technology. Your smartphone contains a chip that encrypts your data. Your health records, online banking, credit card transactions, the family photos you upload to the cloud — all are encrypted. More than one trillion transactions occur every day over the internet as a result of encrypted communications. This bill gives the government access to the lot.
Perversely, the law is also likely to help wrongdoers, say IT professionals. Cyber criminals and terrorists will be able use that back door.
“If you put a back door into anything you want to keep secret, your enemies will figure out a way of getting in,” says one expert.
Weakening encryption, as this bill would do, risks attacks on vital infrastructure, such as power grids and transportation hubs, warns Apple.
Last week, Dutton att- acked Big Tech for opposing the bill, saying Google and Facebook were tax dodgers who had to decide whether or not they were on the side of organised crime.
While he claims the legislation will not require the provision of back doors, Apple describes it as “dangerously ambiguous” on that score.
Last week, the InspectorGeneral of Intelligence and Security, the oversight body for the intelligence services, agreed. In an extraordinary 50-page list of concerns about the bill, IGIS said it contains a “loophole” which would effectively compel IT providers to create “voluntary” back doors.
One IT professional who has analysed the 137 pages of legislation says it will decimate the $3 billion Australian encryption industry and force companies to move overseas.
“These companies will never again be able to convince their overseas customers that their products are secure and don’t expose user data to snooping by the Australian Government or one of its allies,” he says.
The legislation would wreak the same damage on Australian companies as did the government’s ban on Huawei, on the basis that its prod- ucts had been compromised by the Chinese government. The decision cost Huawei tens of billions in sales.
It is troubling that August’s leadership coup meant the government took its eye off this legislation. Angus Taylor was Minister for Cyber security and unveiled the draft bill one week before he resigned as a prelude to the removal of Malcolm Turnbull. In Scott Morrison’s reshuffle, Dutton was given responsibility for cyber security.
Dutton must now heed the warnings that this misguided, muddled legislation will cause more harm than good.
The nuptials at Windsor Castle of Jack Brooksbank and Princess Eugenie proved a ratings bonanza for the Seven network. Picture: Danny Lawson/AP