Nearly two years after Australia passed their controversial anti-encryption laws, the tech industry is already feeling an impact. Apparently, non-Australian companies and IT professionals are no longer interested in doing business with Australia.
The typically-inconspicuously named Assistance and Access Act 2018 and Telecommunications and Other Legislation Amendment were supposed to “create a safe online environment for Australians.” The official description of AAA on Australia’s government website states that encryption technologies are “employed by terrorists, paedophiles, drug smugglers and human traffickers to conceal illicit activities and facilitate crime.”
The Australian government denies that these laws would be used to implement backdoors. Meanwhile, Australia’s Attorney-General Christian Porter has specifically said “This ensures that our national security and law enforcement agencies have the modern tools they need, with appropriate authority and oversight, to access the encrypted conversations of those who seek to do us harm.”
As usual, fear-mongering tactics are used to justify authoritarian acts of government overreach that dwindle our freedoms. Then again, given the context it’s framed in, it’s no surprise the bill was passed. After all, lawmakers aren’t known to be the most informed and up to date on the latest technology.
The situation largely mirrors the FESTA/SESTA situation state-side. Initially pushed as anti-human trafficking bills, they in fact made human trafficking worse by forcing many informants underground. In the end, all they did was target innocent, consensual sex work.
But how could you not support a bill that is against terrorism, pedophilia, and human trafficking? Only a monster wouldn’t.
Australian tech giant Atlassian has decided to speak out against the laws, saying they have damaged “the reputation of the technology sector, discouraged talent from working in Australia, and harmed an industry that could help drive economic growth in the nation’s post-Covid-19 recovery.”
“It is my belief that the very rushed nature in which the [TOLA] bill was passed and then also the nature of the rights granted to government under TOLA have had a negative impact on the reputation of the Australian technology sector,” said Patrick Zhang, Atlassian’s policy and government affairs head.
Another criticism is that a backdoor can be exploited not just by the government, but also by foreign governments or malicious actors – weakening security as a whole.
He discussed technical capability notices (TCNs), which are basically subpoenas that can force companies to build backdoors into their encrypted services without the knowledge of their customers. Alternatively, they can also be used to compel IT employees to build said backdoors without the knowledge of their company.
“That has given a number of our customers concerns. Because I think that the fear is that by working with an Australian company, whether by using its product or as a vendor – is that company going to be subject to orders by the government to weaken its security or to build backdoors that will make the product less secure and expose a weak link, if you will, in the technology supply chain that is global in nature?”
Zhang’s fears aren’t just speculative either. Australia’s anti-encryption laws have already been used to strip journalists of their protections as we saw last year with the infamous AFP raid on ABC.
In June 2019, Australian federal police officers raided Australian Broadcasting Corporation’s headquarters with a warrant regarding allegations that Australian special forces were involved in war crimes.
The warrant, posted on Twitter, granted officers the right to “add, copy, delete or alter” any data in ABC’s computers. The warrant further went on to detail the different types of data they were interested in, including handwritten and digital notes and correspondence, graphics, raw footage, documents classified as ‘secret’, along with “any manual, instruction, password or other thing that assists to gain access to or interpret or decode any of the above things.”
Former defence lawyer David McBride was charged with five counts of leaking classified information, on which the war crime allegations were based.
In a world where countries like Switzerland and Norway are considered havens of personal privacy protection, it’s not difficult to see where Zhang is coming from. China, Russia and India are already considered to be on the opposite end of that scale. Looks like Australia is squarely in the latter list now.