Australia’s digital rights advocates and tech sector push back against law undermining encryption

UN High Commissioner Michelle Bachelet presents Huma Rights Hero Award to Lizzie O'Shea

UN High Commissioner Michelle Bachelet presents the Human Rights ‘Hero Award’ to Lizzie O'Shea – Courtesy Access Now Twitter account

Imagine a law that gives a country’s intelligence and law enforcement bodies the power to access encrypted communications. Despite the misgivings of Australia’s Labor opposition, it supported the passage of the Liberal National Coalition’s Access and Assistance Bill (#AAbill), making such legislation law on December 6, 2018. Its target is supposed to be terrorists and paedophiles, but there are broad implications for digital rights.

There have been 75 sets of national security laws in Australia since September 2001. Nevertheless, the government claimed that the legislation was needed before Christmas as the holiday period poses heightened security risks.

The outrage from privacy and digital rights advocates and members of the technology industry has not subsided — especially as the opportunity to amend the legislation after Australia’s federal election on May 18, 2019 was left open and subject to a review by the Parliamentary Joint Committee on Intelligence and Security.

Global Voices presented written questions to Lyndsey Jackson, chair of the digital rights organisation Electronic Frontiers Australia, about the legislation and its ramifications. Lyndsey provided the following responses from EFA.

Kevin Rennie (KR): What are the main provisions of the new legislation?

Lyndsey Jackson (LJ): It deals with encryption, which is a way of transmitting data that can only be read by the sender and receiver — that means that no one else can look at it unless they choose to give access. Encryption is used for lots of things, like secure messaging, files, emails, drives or even verify[ing] software. It’s used by lots of people and organisations and governments.

The new legislation directly targets encryption and basically coerces developers, device manufacturers and service providers to allow the government to spy on people’s encrypted data.

KR: The government claimed the new powers were needed urgently: before the 2018 Christmas season. What have been the consequences of their haste?

LJ: The consequences of rushing through this legislation before Christmas have been immense.

The legislation as passed was very poorly drafted. There were a large number of major amendments planned to improve the drafting and they didn’t even make it into the final text due to the haste. We now have operating legislation that parliament has acknowledged is badly written instead of well considered legislation that actually does what is needed.

The coercion of the tech sector is an immediate consequence — people report a drop in foreign work and it’s expected this will increase, with further reductions in investment and work.

The other notable consequence has been [that] Australians’ digital rights are currently vulnerable both from their government and the potential of this surveillance capacity to be misused by others.

KR: Why have these laws created such strong opposition in Australia?

LJ: Digital rights campaigning is growing in Australia as more people become aware of the huge ramifications of surveillance and how it is misused. But the government has also completely overlooked the tireless explanations and advocacy of the local tech sector, [which has] shown how the legislation is excessive, unworkable and places us at extreme financial, business and personal risk. [It] also fundamentally misunderstands both technology and privacy — that is why these laws have created such strong opposition.

We have a right to privacy. That privacy exists in our everyday physical life, including when we pick up a phone or use our computer. This legislation removes our right to privacy by giving the government unprecedented access to our private lives for potential crimes that could well be investigated in other, more responsible, ways. This legislation gives the government the password to every account in the country without pausing to consider if they should, let alone if they need it.

KR: What are the specific concerns of the local information and technology industry?

LJ: This legislation will definitely have a financial impact on the local information and technology industry. The government will already reject dealing with companies like Huawei for fear of security flaws that can lead to foreign surveillance, so why would they expect any other country to treat us differently? Because that’s effectively what the government has told the world: every service, hardware and software created in Australia will have a security flaw allowing surveillance. This legislation hampers the Australian information and technology industry’s ability to create strong products and services.

KR: Why do some members of the cyber security sector believe that the law will be counterproductive?

LJ: In order to make this legislation work, software and hardware will have to almost weaken their overall security. This means it’s even more vulnerable to intrusion from other sources.

KR: What changes should the incoming government make now that the May federal election has been held and the government returned for another three years?

LJ: The digital rights of Australians and the health of our tech industry need to be taken more seriously. One way they can do that is [to] roll back this legislation and go back to the drawing board — but this time with Australia’s tech experts.

Meanwhile, Australian lawyer and board member of Australia's Digital Rights Watch, Lizzie O'Shea, has been honoured by the international advocacy group Access Now for her advocacy against the encryption laws. The United Nations High Commissioner for Human Rights, Michelle Bachelet, presented O'Shea with a Human Rights Hero award at the RightsCon summit, held in Tunisia on June 12, 2019.

Access Now put out this statement:

Frequently working in coalition, O’Shea has led the campaign against the Assistance and Access Bill and other threats to secure communications in Australia. This has included building an alliance across technology companies, civil society organizations, academics, and activists, and fronting media, public events, and parliamentary inquiries. Despite the laws being passed, the campaign had a huge mobilizing impact, with a strong coalition committed to working together and thousands of Australian citizens sparked to take action.

In contrast, the federal government's Department of Home Affairs has a detailed explanation of the legislation and its responses to the so-called ‘myths’ surrounding the Assistance and Access Act.

Start the conversation

Authors, please log in »

Guidelines

  • All comments are reviewed by a moderator. Do not submit your comment more than once or it may be identified as spam.
  • Please treat others with respect. Comments containing hate speech, obscenity, and personal attacks will not be approved.