Paul - those are the additional Opposition amendments, to have been moved by Penny Wong, that were not introduced and are not part of the current legislation. If the opposition crosses its fingers, they might be allowed to try them in February.
Right now, the relevant part is 317WA Assessment and report (regarding a TCN): > > (1) If a consultation notice is given to a designated communications provider > under > subsection 317W(1) in relation to a proposed technical capability notice, the > provider may, within the time limit specified in the consultation notice, > give the > Attorney-General a written notice requesting the carrying out of an > assessment of > whether the proposed technical capability notice should be given. > (2) If a designated communications provider gives the Attorney-General a > notice > under subsection (1) in relation to a proposed technical capability notice, > the > Attorney-General must appoint 2 persons to carry out an assessment of whether > the > proposed technical capability notice should be given. > (3) For the purposes of this section, the persons appointed under subsection > (2) are > to be known as the /assessors./ > (4) One of the assessors must be a person who: > (a) has knowledge that would enable the person to assess whether > proposed technical capability notices would contravene section 317ZG; and > (b) is cleared for security purposes to: > (i) the highest level required by staff members > of ASIO; or > (ii) such lower level as the Attorney-General > approves. > (5) One of the assessors must be a person who: > (a) has served as a judge in one or more prescribed courts for > a > period of 5 years; and > (b) no longer holds a commission as a judge of a prescribed > court. etc. On 12/12/2018 12:45 pm, Paul Wilkins wrote: > > > 317V, substitute: > unless: > (a) the Attorney-General is satisfied that: > (i) the requirements imposed by the notice are reasonable and proportionate; > and > (ii) compliance with the notice is practicable and technically feasible; and > *(b) an eligible Judge has approved the giving of the notice.* > > On Wed, 12 Dec 2018 at 12:39, Paul Wilkins <[email protected] > <mailto:[email protected]>> wrote: > > > https://parlinfo.aph.gov.au/parlInfo/download/legislation/amend/r6195_amend_96ffec08-558c-4ff9-9448-0a18c21cf1c7/upload_pdf/8627%20CW%20Telecommunications%20and%20Other%20Legislation%20Amendment%20(Assistance%20and%20Access)%20Bill%202018%20Wong.pdf;fileType=application/pdf > > On Wed, 12 Dec 2018 at 12:25, Paul Brooks <[email protected] > <mailto:[email protected]>> wrote: > > @Matt - 'a screen capture and remote access ability', if installed on > all > phones would surely be a 'systemic vulnerability' in anybody's view, > and > would be a global disaster if the method of triggering this ability > escaped > to the wider world. This would be an example of precisely the > dangerous and > ill-advised exploit that we are all concerned the agencies might ask > for in > ignorance. Heck, this is exactly the sort of malware exploit that > after-market malware scanners and virus checkers for phones should be > looking for to to detect and warn the user if an app or the OS had > been > compromised and was attempting to do these things. I can see a rapidly > growing market for malware checkers! > > @Paul - where is the requirement for 'judicial approval'? - it > doesn't go > anywhere near a court. The TCN can be issued by the Attorney > General. If > (and only if) the recipient thinks it might be able to be pushed back > on, > they can ask for a review by a *retired* judge and a tech expert with > a high > security clearance. A *retired* judge is not a 'judicial approval', > and the > easiest place to source the other expert from is from within ASIO - > hardly > independent. The AGD chooses the two reviewers, not the recipient. > The > legislation as passed also doesn't deal with the situation if the two > experts disagree on whether it is allowable or not. And there is no > requirement for a warrant to have been issued - the whole point of a > TCN is > to preemptively create a capability that can be exploited later, on > the off > chance there will be a future warrant that requires the exploit to be > triggered. > > Paul. > > On 12/12/2018 12:02 pm, Paul Wilkins wrote: >> Matt, (IINAL) >> But it appears on my reading that both 317ZG and more specifically >> the new >> 317ZGA would arguably prohibit this. >> >> The (pending?) amendments are worth a read. Stronger terms on 317ZG >> and >> importantly - *requirement for judicial approval of TCNs*. >> >> 317P (5)(2)(d) the designated communications provider has, if >> reasonably >> practicable, been consulted and given a reasonable opportunity to >> make >> submissions on whether the requirements to be imposed by the notice >> are >> reasonable and proportionate and whether compliance with the notice >> is >> practicable and technically feasible. >> >> >> On Wed, 12 Dec 2018 at 11:30, Matt Perkins <[email protected] >> <mailto:[email protected]>> wrote: >> >> It strikes me that all that will be needed is the phone >> manufacturers >> to put a screen capture and remote access ability on the phones. >> Then >> Law enforcement need to do is read the screens no need to >> involve the >> individual app makers at all. They are after a wide and non >> savvy >> audience here. Looking over the shoulder of phone users is what >> we are >> talking about. I would say expect to see a boost in convictions >> of >> medium size drug distributors and small amateur terror type >> people. >> >> These are the same people that used sms before they just want >> that >> capability back. >> >> Matt >> >> >> >> -- >> /* Matt Perkins >> Direct 1300 137 379 Spectrum Networks Ptd. Ltd. >> Office 1300 133 299 [email protected] >> <mailto:[email protected]> >> Fax 1300 133 255 Level 6, 350 George Street Sydney >> 2000 >> SIP [email protected] >> <mailto:[email protected]> >> Google Talk [email protected] >> <mailto:[email protected]> >> PGP/GNUPG Public Key can be found at http://pgp.mit.edu >> */ >> >> > On 12 Dec 2018, at 8:27 am, Paul Brooks >> <[email protected] >> <mailto:[email protected]>> >> wrote: >> > >> >> On 12/12/2018 3:54 am, Scott Weeks wrote: >> >> >> >> ----------------- >> >> The Bill was passed on Thursday >> >> ----------------- >> >> >> >> >> >> Damn, I'm gonna need a bigger bag of popcorn! >> >> Waaaay bigger. I can't wait to see how this >> >> plays out. >> > >> > We'll probably never know how this plays out, unless one of >> the major >> global brands >> > pulls out of the Australian market. >> > >> > Tech companies doing development in Aust will put in >> independent code >> reviews by an >> > offshore team to protect against onshore employees, or will >> quietly >> close Australian >> > development shops over years. Some tech companies will move >> overseas >> - gradually, >> > over months and years. Net result - lower demand for >> Australian IT >> staff, lower >> > export figures in the DFAT stats over years. >> > >> > Many 'component manufacturers or suppliers' will blithely >> carry on, >> unaware this might >> > apply to them at all until they receive a notice >> > >> > A massive data breach in 3 years time may not be traced back >> to a >> system change caused >> > as a result of a notice, or if an investigation does uncover >> the root >> cause, is likely >> > to be quietly hushed up. >> > >> > It'll take a massive ASIC-website-blocking-like event own-goal >> to >> generate demand for >> > popcorn. That or a majority of politicians starting to listen >> to >> experts rather than >> > agencies and repealing it, and there's precious few Andrew >> Wilkies >> around at the >> > moment so that's even less likely. >> > >> > P. >> > >> > >> > >> > >> > >> >> >> >> scott >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >>> >> >>> >> >>> >> >>> _______________________________________________ >> >>> AusNOG mailing list >> >>> [email protected] <mailto:[email protected]> >> >>> http://lists.ausnog.net/mailman/listinfo/ausnog >> >> >> >> >> >> >> >> _______________________________________________ >> >> AusNOG mailing list >> >> [email protected] <mailto:[email protected]> >> >> http://lists.ausnog.net/mailman/listinfo/ausnog >> >> >> >> >> >> _______________________________________________ >> >> AusNOG mailing list >> >> [email protected] <mailto:[email protected]> >> >> http://lists.ausnog.net/mailman/listinfo/ausnog >> > >> > >> > _______________________________________________ >> > AusNOG mailing list >> > [email protected] <mailto:[email protected]> >> > http://lists.ausnog.net/mailman/listinfo/ausnog >> >> _______________________________________________ >> AusNOG mailing list >> [email protected] <mailto:[email protected]> >> http://lists.ausnog.net/mailman/listinfo/ausnog >> >> >> _______________________________________________ >> AusNOG mailing list >> [email protected] <mailto:[email protected]> >> http://lists.ausnog.net/mailman/listinfo/ausnog > > > _______________________________________________ > AusNOG mailing list > [email protected] <mailto:[email protected]> > http://lists.ausnog.net/mailman/listinfo/ausnog >
_______________________________________________ AusNOG mailing list [email protected] http://lists.ausnog.net/mailman/listinfo/ausnog
