Changing the Locks: Proposed Amendments to the Australian Encryption Act – Lexology

The Australian Encryption Act was passed last year in response to the governments concern about misuse of encrypted social media platforms to advance terrorist activities. The Act extended ASIO, Federal, and State law enforcement powers to enable them to issue notices to request access to otherwise encrypted messages from designated communication providers. This was construed broadly to include social media giants such as Whatsapp, device manufacturers, and free WIFI providers. Authorities were also permitted to detain people without a warrant or allowing them to contact a lawyer.

Initial Response

Since then, the Act has been received with significant caution from the industry. The new Technical Capability Notices (TCN) enabled authorities to require communications providers to establish back doors to allow for interceptions and decryptions of otherwise encrypted messages on specific devices without the customers knowledge. Agencies can also circumvent encryption by installing key logging software or by taking repeated screenshots of a customers screen and messages. Concerns have been raised about individuals privacy and systemic vulnerabilities caused by techniques to obtain and compromise encrypted data. Managing these concerns is important in a world increasingly concerned about misuse, control and regulation of civilian data, media and digital platforms.

Proposed Amendments

In response to bipartisan recommendations from the inquiry by the Parliamentary Committee on Intelligence and Security (PJCIS), the Labor opposition has proposed amendments to the Act. The first reading of the Telecommunications Amendment (Repairing Assistance and Access) Bill 2019 noted that the legislation has been holding the [Australian] tech sector back from achieving [its] potential. It expressed concerns that the Act undermines our relationships with key international strategic partners including by slowing discussions with the United States for a bilateral agreement under the US CLOUD Act (Clarifying Lawful Overseas Use of Data).

The Explanatory Memorandum for the Bill describes the following effects of the amendments, if passed:

Regulation plays a vital, but complex role in a society increasingly reliant on technology. The Bills objectives shed light on the governments increasing focus on the role of effective encryption on national security, the important of strong security regulatory frameworks and the impact these have on foreign trust in Australias technology sector.

The rest is here:
Changing the Locks: Proposed Amendments to the Australian Encryption Act - Lexology