Labor MP Ed Husic says that the opposition has a “crystal clear” commitment to making significant changes to the so-called ‘encryption’ legislation passed last year with the party’s support.
Husic said Labor will “fix these terrible laws” — passage through parliament of which was made possible after the opposition withdrew a number of amendments it had intended to make and voted for the government's bill.
The Telecommunications and Other Legislation Amendment (Assistance and Access) Act (TOLA Act) was passed on the final sitting day of 2018.
A government decision to adjourn the lower house in order to avoid an embarrassing defeat on medical transfers for refugees meant that the House of Representatives did not have an opportunity to debate the amendments that Labor had argued were necessary and in line with the bipartisan recommendations of the Parliamentary Joint Committee on Intelligence and Security (PJCIS).
“We had a government that had said this was the most important piece of national security legislation of the year, it had to go through, we need to see this happen,” Husic told a forum on the laws organised by InnovationAUS and StartupAUS, and hosted by the Fishburners co-working space. “And then in the final week of parliament, they didn’t bring their own, most important piece of national security legislation on to be voted.”
Husic, the shadow minister for the digital economy, said that Labor was concerned that if the opposition hadn’t pushed the legislation through to give the national security agencies the new powers before the Christmas break, it could “not rule out the attempt by the other side of politics to blame us if, god forbid, something had happened over that period of time”.
“Our view was to give something to the security agencies in the short term with the commitment that was given to us by the other side of politics that the amendments that had been put forward, that had been fashioned on the basis of 17 recommendations from a bipartisan committee, would be debated and given effect in the following year, this year,” Husic said.
“This did not happen. We said that we would make sure our amendments were consistent with those 17 recommendations. We expected to be able to debate them. That didn’t occur.”
Husic said Labor had attempted in February to debate its amendments to the legislation, when the government introduced legislation to allow anti-corruption agencies to access the TOLA Act powers.
“The government did not see fit to allow that debate to occur in the Senate,” the MP said.
One key change to the TOLA Act regime that Labor is committed to pursuing is the definition of “systemic weakness”.
The legislation allows the government to force a company to introduce a new capability to facilitate surveillance or investigative work by law enforcement organisations. A key limit on the power to issue a ‘Technical Capability Notice’ (TCN) is that an entity cannot be compelled to introduce a “systemic weakness” into a system.
As it stands the act defines a systemic weakness as “a weakness that affects a whole class of technology, but does not include a weakness that is selectively introduced to one or more target technologies that are connected with a particular person.”
That definition has been criticised as confusing and ambiguous. For example a document produced by organisations in the tech and telco sectors has argued it is unclear whether a “class” would be “all mobile handsets, or Android phones, but not iPhones, or the mobile handsets offered by one service provider but not another or some other combination of factors”.
Amending the definition remains “one of the principle planks for us in terms of reform,” Husic said.
A second area of reform pursued by Labor relates to judicial oversight, with Husic arguing a person not connected with an investigation should not “be compelled to cooperate in undermining the fundamental strength of encryption without having a judicial warrant attached to it”
“We are not going to have this system of having a retired judge be oversighting the judicial requirements for putting in place warrants,” Husic said.
“You need to have a dedicated judicial official who is across these issues and knows the impact that the decisions they will or will not make and they need to be accountable for that,” the MP said.
Husic said he was also pushing for reporting that would reveal not just the number of times requests are made under the legislation but also “the number of people that were affected by the requests as well to show the breadth of this”.
The Labor MP cited the breadth of organisations accessing metadata kept as part of Australia’s data retention regime and said he didn’t want to see a similar scope creep with the encryption legislation “That is why I think reporting on these things is important,” Husic said.
Husic said that regardless of whether Labor wins or loses government it was committed to pressing for changes to the new laws in line with the PJCIS recommendations. “Our commitment to reform is crystal clear,” he said.
He called on the local tech sector to keep raising the issue to help keep pressure on politicians.
“Keep reminding politicians that local tech and the sector is important for economic growth and jobs in this country,” he said, committing the opposition to working to “fix these terrible laws”.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.