The Department of Home Affairs said the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018 was developed to combat “terrorist groups and organised criminals” who use encryption to avoid surveillance.
The Digital Industry Group Inc (DIGI), whose members include Facebook, Google, Microsoft and Twitter, has expressed concern over the bill, saying the proposed terms “have potential to erode consumer trust and introduce weaknesses that malicious actors could exploit.”
Under the current draft, domestic and offshore providers supplying IT services and devices to Australia would be obligated to give “reasonable assistance” to authorities, which may take the form of “removing a form of electronic protection“, “facilitating access to devices or services“ or “modifying or substituting a target service“ among others. It would also allow the release of technical capability notice, which would require a designated communications provider to build new capabilities for police access.
“Notices can be issued based on the judgment of decision-makers at agencies or the Attorney-General,” the group said. “These Notices may be issued based on facts or criteria that are not known to the recipient, and without full understanding of a technology on the part of an agency.”
DIGI said that technical assistance and capability notices should only be released by an independent judicial authority. It also suggested that companies should not be required to break the laws of other countries they operate in or build “vulnerabilities”, “weaknesses” or any new data retention and interception capabilities into their products or services.
“It’s important to note that even if these recommendations were adopted, the Bill proposes extraordinary powers of unprecedented scope, and their exercise should be limited to combating serious crimes that pose a grave threat to human life or safety.”