Thanks Rob.
Internet Australia's submission is at
https://internet.org.au/news/209-submission-internet-australia-s-submission-on-draft-assistance-and-access-bill.
We're also collating other submissions at this page to aid transparency, in
case the
Department doesn't publish the collection themselves.
There are currently 6 other submissions linked there, with more to be added:
* - Massachusetts Institute of Technology: Internet Policy Research Intiative
* - Internet Architecture Board
* - Chris Culnane and Vanessa Teague
* - Communications Alliance, Australian Information Industry Association,
Australian
Mobile Telecommunications Association
* - Mark Nottingham
* - Digital Rights Watch, Australia Privacy Foundation, Electronic Fontiers
Australia, Access Now, NSW Council for Civil Liberties, Future Wise,
Blueprint for
Free Speech, Queensland Council for Civil Liberties
All are well worth reading.
The IAB didn't mince words - cherry picking selected paragraphs: "
> "While we normally do not review proposed legislation, we are concerned that
> this
> proposal might have a serious and undesirable impact upon the Internet and,
> taken as
> a model, the sum of similar legislation may result in the fragmentation of the
> Internet.
> ....as custodians of the Internet’s architecture,
> we are required to take a global view. This approach, if applied generally,
> would
> result in the
> Internet’s privacy and security being the lowest common denominator permitted
> by the
> actions taken
> in myriad judicial contexts. From that perspective, this approach drastically
> reduces trust in critical
> Internet infrastructure and affects the long term health and viability of the
> Internet. "
May we include the ITPA submission, or a link to the ITPA page, in that
collection?
Paul (with Chair of Internet Australia hat on)
On 12/09/2018 9:07 AM, Robert Hudson wrote:
> As per my comments in August, ITPA put forward the following comment on the
> draft
> bill within the offiicial public comment window:
>
> "To whom it may concern,
>
> On behalf of the Information Technology Professionals Association (ITPA) and
> its
> members, I am writing today to express a lack of support for "The Access and
> Assistance Bill, 2018" as it currently stands. This bill should not be
> introduced
> to Parliament in its current form, and certainly should not be voted into law.
>
> ITPA and its members recognise the fact that encrypted communication is one
> tool
> used by criminals to make it harder for law enforcement agencies to discover
> and
> track their whereabouts, plans, and other details of crimes they may have or
> be able
> to commit. We appreciate the fact that the government is seeking ways to
> increase
> its ability to better prevent and prosecute crime. But it is ITPA's position
> that
> the only real-life outcome of "The Access and Assistance Bill 2018" will be a
> negative impact to the individual privacy of Australian citizens, and that
> the proposed benefits (allowing law-enforcement to prevent or prosecute
> crimes) will
> not be realised.
>
> "The Access and Assistance Bill 2018" will not only fail to achieve its
> stated aim
> (criminals will simply move to using encryption products not covered by this
> bill -
> most of the tools currently used in this area are not written by companies
> which are
> bound by this bill, and those which are will simply be traded for tools
> produced
> outside of Australia's jurisdiction), but it will result in a significant
> reduction
> of individual privacy for law-abiding citizens.
>
> In addition to failing to achieve the desired goals, tools created under this
> legislation to break or bypass the encryption created by commonly used
> applications
> will almost certainly be misused by individuals in positions of power within
> law-enforcement agencies, as we have already seen happen in other areas of
> surveillance legislation such as the mandatory metadata retention scheme.
>
> Further, it is certain that these tools will also become available to people
> outside
> of legitimate law-enforcement agencies, and will be used as a weapon against
> law-abiding citizens - the leaking of the list of "blocked" sites under
> Internet
> filtering regimes of the past
> (https://www.smh.com.au/national/dentists-website-on-leaked-blacklist-20090319-93cl.html)
> shows that secrets and artifacts (such as lists of websites, or access to
> tools) can
> and do get leaked beyond the approved area of usage).
>
> "The Access and Assistance Bill 2018" also has issues of governance and
> oversight
> which require adjustment before it could be supported. Although there is
> still a
> requirement for warrants to be issued and a level of judicial oversight, a
> political
> appointment (The Attorney General) holds significant (and ultimate for
> short-term
> activities with post-activity oversight) power within this legislation. It
> would be
> preferable to have a politically independent body (an individual or
> organisation) to
> provide the level of oversight and authority carried by the Attorney General
> in this
> legislation to ensure that decisions are not made under the authority of this
> bill
> for political purposes.
>
> If the government really wants to achieve better levels of policing and crime
> prevention in areas of technology, we implore the government to consult with
> the
> technology industry during the drafting phases of legislation, rather than
> after the
> draft has been put together in such a fashion as to be technically
> infeasible. ITPA
> would be more than willing to be part of a consultation process to resolve
> issues
> with the currently proposed legislation, or for any other legislation which
> requires
> technical expertise to achieve success."
>
> On Wed, 15 Aug 2018 at 13:48, Robert Hudson <[email protected]
> <mailto:[email protected]>> wrote:
>
> Hi Paul,
>
> On Wed, 15 Aug 2018 at 13:31, Paul Brooks <[email protected]
> <mailto:[email protected]>> wrote:
>
> Thanks Aftab for the plug - this is something that IA has been
> tracking and
> meeting in Canberra with various Minister-types down over the past 6-9
> months, trying to determine what they were looking to do, and educate
> them
> on the concerns.
> This is data retention all over again. On one hand, as an ISP, if you
> don't
> actually supply end-user devices and all the OTT messaging apps pass
> through
> your network, there may not be much in this to concern. This Bill is
> aimed
> at Samsung/Google/HTC/Oppo, and OTT service providers like Apple
> iMessage,
> WhatsApp, Google Hangouts, etc.
> They were quite insistent they would not be seeking to back-door
> encryption,
> and as it happens, they were right! They just want to back-door the
> entire
> device. And website, which is classed in there too.
>
>
> The legislation is sufficiently vague as to allow pretty much anything
> the A-G
> thinks is reasonable at the time the A-G makes a request.
>
>
> If you're in Canberra on Monday night, we've got a number of people
> from MIT
> Computer Science and Artificial Inelligence Labs (CSAIL) and other
> experts
> that talk to USA's people, and tickets still available - From 4:30pm,
> with
> free drinks provided afterwards.
>
>
> https://www.eventbrite.com.au/e/encryption-experts-session-evening-in-canberra-tickets-48911717263
>
>
> Canberra could be hard to attend from Sydney, but this one may be
> important
> enough for me to make the trip.
>
>
>
> They're taking feedback/submissions/comments for 4 weeks only - is
> anyone
> planning to submit some comment?
>
>
> ITPA is looking to provide feedback. We'd be happy to work with other
> parties
> (individuals or organisations) to put up a joint response.
>
> Regards,
>
> Robert
>
_______________________________________________
AusNOG mailing list
[email protected]
http://lists.ausnog.net/mailman/listinfo/ausnog
