Return to Level1Techs.com

Australia's Assistance and Access Bill passes

encryption

#1

According to the above, Australia’s Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018, has been passed by the legislature.

You can see it in the Federal Register of Legislation under the designation C2018B00180:
https://www.legislation.gov.au/Details/C2018B00180

Or on the Australian Parliament’s sites here:
https://www.aph.gov.au/Parliamentary_Business/Bills_Legislation/Bills_Search_Results/Result?bId=r6195
or
https://parlinfo.aph.gov.au/parlInfo/search/display/display.w3p;query=Id:“legislation/billhome/r6195” (the permalink)

About

Notably in the ABC article above it lists the new powers given to the government:

Technical Assistance Request (TAR) - voluntary
Technical Assistance Notice (TAN) - company is “required to give assistance if they can” under threat of fines
Technical Capability Notice (TCN) - requires creation of backdoors, “as long as it does not force encryption to be broken”

I’m still trying to figure out how this meshes with the wording used by its proponents:

“The lack of access to encrypted communications presents an increasingly significant barrier for national security and law enforcement agencies,” Home Affairs Minister Peter Dutton said when introducing the bill to parliament in mid-September.

which makes it clear that the goal is to break/access encryption.


#2

Please provide some of your own thoughts on this, @olddellian. Just dropping links violates the low effort rule.


#3

I don’t even know what the Assistance and Access bill is?


#4

I’m not surprised


#5

The first clause of this sentence is entirely nullified by the second. If that was the intended meaning, that’s good.

I’m taking this to mean “can you help us get this data?” If so, that’s not bad.

I’m taking this to mean a court order of handing over data. Does this data need to be decrypted?


#6

For as long as letters were a thing, we had encrypted communications. look at the Caesar Cipher, for a perfect example of extremely old encryption.

There is nothing new under the sun. Law enforcement is just being lazy.

If I can break encryption in my home office, Law Enforcement can break encryption with the resources they have access to. It’s not hard, they just need to hire people who are capable of doing it.


More importantly, do non Australia based firms need to comply with these edicts?


#7

From what I understand, yes. Though ProtonMail says they will refuse anything of the sort, so maybe in practice it will only affect companies with offices in Australia?

Otherwise they would need to block credit card companies from letting Australian users purchase from ProtonMail or whatever other companies is refusing to comply with their wishes.


#8

Shame


#9

I mean, they could also just not offer the service in Australia. :thinking:


#10

Thats what i would do fuck em

sorry aussies


#11

If no services are available in AU, they’ll probably rethink it.

Imagine if MS and Apple pull out. heads would roll


#12

IDK about M$ but apple has the money to do that


#13

Just ignore it. There is a provision in there that you don’t have to do anything that would “compromise the security”.

A backdoor is a compromise.

Do nothing, tell government to fuck off, any crypto expert should back you up.

/end

This law may be good in that it will get the retards demanding government surveillance off their back and yet be entirely toothless.

It was either

  • written deliberately to be that way intentionally to be toothless
  • that clause was slipped in by someone with a clue OR
  • they may try close the loophole and it was not intended

I’m hoping for either 1 or 2.


#14

As an aussie…

Our government will have endless fucking referendums on daylight saving, yet this is not discussed, no media coverage, etc.

I’m pretty sure very few of the actual aussie population want this. And yes, we’ll do the typical aussie thing of ignoring the laws we don’t like.


#15

Sadly companies cant do that


#16

No, but the law specifies that the company does not have to do anything that will compromise security. So in this case, they can.


#17


#18

Guys, guys, relax. This is NOT and backdoor…

… Its a side gate.


#19

3 days


#20

Assuming the comments about compelling someone to secretly put code in software, then it’s not a huge issues. Do not do software work in Australia, and if you hire an Australian out of Australia then either have them give up their citizenship or don’t hire them.