News and Updates
Internet Australia today welcomed the release of the long-awaited report by the Independent National Security Legislation Monitor (INSLM) into the Government’s Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018 (the TOLA Bill), and its many recommendations that pick up our own recommendations made to the INLSM and to the various earlier reviews since the laws were first unveiled.
The legislation is now being examined by the Independent National Security Legislation Monitor (INSLM), Dr James Renwick CSC SC, and Internet Australia is delighted that we have been invited to appear before the INSLM in Canberra to expand and explain our submission.
If you would like to attend the details are:
Date/Time: Thursday, 20 February 2020 - 11:45am – 12:15pm
Location: QT Canberra, Eureka Room, 1 London Circuit, Canberra ACT (doors will be open from 8:15am)
A summary is below
Recommendation # 1: We recommend that serious Australian offence defined in s317B be redefined to reference the definition serious offence in s5D of the Telecommunications (Interception and Access) Act 1979.
Recommendation # 2 : W e recommend that ‘persons (who) manufactures or supplies components’ (Items 8 and 11 ) be removed from the list of ‘designated communications providers’ in s317C, and that ‘manufacturing’ and ‘supplying’ be removed from all other Items where they appear (such as Item 7)
Recommendation # 3: That the definitions of ‘designated communications provider’ relating to facilities (S317C (7),(8),(9) ) be removed, as they cannot be restricted to a single person as required by the definitions of ‘target technology’ and s317ZG(4A) - (4C) , and in any case ‘facilities’ are already covered under the items relating to ‘carriage services’.
Recommendation # 4: That a new subparagraph be added to section 317ZF(3) explicitly allowing disclosure (in the case of a notice served on an employee) to the person’s employe r, or (in the case of a notice served on a contractor) to the contractor’s client.
Recommendation # 5: That subsection 317ZF(3)(e) be expanded to read ‘for the purposes of obtaining professional advice, including legal advice, in relation to this Part.’
Recommendation #6: That subsection 317ZF(3) be expan ded to provide that the costs of seeking legal or other professional advice be borne by, and recoverable from, the issuer of the notice or request.
Recommendation # 7: That the definitions of ‘systemic weakness’ and ‘systemic vulnerability’ be revised, following dedicated consultation with industry on suitable definitions.
Recommendation # 8: We recommend that the Department consider creating guidance docu ments regarding ‘systemic’ weaknesses and vulnerabilities, especially as compared to ordinary weaknesses and vulnerabilities, and engage with industry to jointly assist in describing guidance and process flowcharts to assist the agencies and industry to di stinguish when a systemic issue is likely to be created.
Recommendation # 9: We recommend that a TAN or a TCN should only be issued after a suitable judicial warrant has been obtained, providing evidence and assurance that the safeguards and limitations hav e been considered by an independent arbiter.
Recommendation # 10: We recommend that the most dangerous and contentious portions of this ACT, the compulsive Technical Capability Notice, be set aside and removed from legislation until further extensive consult ation, round - table meetings and constructive discussion can be had between agencies and the IT industry affected by these laws, seeking to jointly produce a balanced outcome where agencies are able to achieve their goals without harming the Australian tech and IT industry.
This week, Internet Australia was proud to join over 110 other organisations around the globe supporting an open letter encouraging Facebook to increase the end-to-end security across Facebook’s messaging services - this letter can be found at https://cdt.org/insight/open-letter-facebooks-end-to-end-encryption-plans.
Internet Australia is deeply concerned to note the Australian government’s request to Facebook to halt plans to introduce strong end-to-end encryption in its messaging systems, in an open letter signed by the Australian Minister for Home Affairs, Hon Peter Dutton, along with his counterparts from the USA and the UK .
It is ironic that this entreaty for Facebook to NOT improve the security and confidentiality of its online messaging platform is made in StaySmartOnline Week, on the same day the Government’s own cyber security centre revealed Australians are reporting cybercrimes every 10 minutes. These are just some of the very cyber crimes that encryption of messages is designed to thwart, by ensuring information is kept confidential from eavesdropping criminals seeking personal data that can be used to impersonate another trusted party.