Lawmakers voted in favor of the Telecommunications Access and Assistance Bill late Thursday. The government argues the new measures will help police and security agencies combat serious offenses such as terrorist attacks and child sex crimes.
But tech companies and civil liberties groups say it’s a dangerous overreach that will affect a wide range of businesses and their customers.
The Digital Industry Group (DIGI), a tech industry association, said the law raised “the prospect of introducing systemic weaknesses that could put Australians’ data security at risk.”
“It is also deeply concerning that the minimum safeguards Australians should expect under such unprecedented new powers — judicial oversight and a warrant-based system — are absent,” the group said in a statement.
Tech companies may think twice about Australia
Privacy advocates say it could bring risks for regular users of the apps and even make tech companies wary of doing business in Australia.
“I think it’s right for governments to be tackling the issue of how to do effective investigations in the digital environment,” Daniel Weitzner, director of the Internet Policy Research Initiative at MIT, told the Australian Broadcasting Corporation (ABC) earlier this week. “What is risky is when government puts the interest of investigators over the safety of everyone who uses the internet and mobile phones.”
He said that the planned encryption rules could deter top tech firms from operating in Australia, given the costs and compromises they would demand.
“If a company that does business globally is suddenly told by the Australian government that it has to weaken its security, then it may think twice about whether it’s worth being in the Australian market,” Weitzner said.
Apple warns of scope for abuse
Apple released a seven-page letter in October criticizing the proposed legislation, arguing that it is “precisely because of [criminal] threats that we support strong encryption.”
The letter warned that the planned measures could weaken cybersecurity in Australia and beyond, and be abused through a lack of oversight.
Calling the bill “broad and vague,” Apple argued that future governments could use it to weaken encryption.
Apple didn’t respond to a request for further comment.
Investigators ‘going deaf’ because of encryption
The Australian government’s national security adviser, Alastair MacGibbon, said Wednesday that the legislation was meant to restore the investigative powers that authorities had for decades through legal wiretaps.
But Weitzner said people who really wanted to keep their online communication hidden from authorities would still be able to do so.
“A determined criminal, or a determined terrorist, is certainly going to be able to go out onto the internet today, and get for free, services that will evade the capabilities that this law is designed to help the police work around,” he said.
Law enforcement agencies in the United States have also been pushing for tougher laws to compel tech companies to share encrypted information with investigators.
The new Australian law was passed after the opposition Labor party agreed to support it earlier this week and then dropped amendments it had promised to make ahead of the vote.
Labor leader Bill Shorten said he backed the bill at the eleventh hour on the condition that the governing coalition agreed to make future changes to the bill in the new year.