Australia plans law for tech firms to hand over encrypted private data

Cybersecurity experts worried about a lack of judicial oversight, saying the policy was out of step with privacy laws elsewhere.
Cybersecurity experts worried about a lack of judicial oversight, saying the policy was out of step with privacy laws elsewhere.PHOTO: THE NEW PAPER

SYDNEY (REUTERS) - Australia on Tuesday (Aug 14) proposed a new law requiring technology firms such as Alphabet Inc's Google, Facebook and Apple to give police access to private encrypted data linked to suspected illegal activities.

The measure, which targets platforms the Australian government says could be used for criminal activities or to plan a terror attack, would require police to get a court warrant to access the encrypted data.

It sets fines of up to A$10 million (S$10 million) for institutions that do not comply, and jail time for individuals, but has yet to be presented in parliament and it was not clear when it could become law.

The measure will pull Australia's security laws in line with new technology, said Mr Angus Taylor, the minister for law enforcement and cybersecurity.

"Our legislation for telecommunication intercepts, being able to access data, in order to investigate and prosecute criminal activity, with a warrant, is no longer fit for purpose," he told Reuters.

"Whether it's paedophiles or terrorists or drug dealers, it makes sure we have legislation fit for purpose in a modern era," he added, referring to the proposed measure.

An industry group that includes Google, Twitter, Facebook, Yahoo! and Microsoft called for a "constructive and public dialogue" with the government as the Assistance and Access Bill 2018 goes through parliament.

"We work every day to help protect the privacy of people who use our services and strongly support the economic and social benefits of encryption technology," said Ms Nicole Buskiewicz, managing director of Digital Industry Group Inc.

"At the same time, we appreciate the hard work governments do to keep us safe," she said in a statement.

Apple did not immediately respond to request for a comment.

Cybersecurity experts worried about a lack of judicial oversight, saying the policy was out of step with privacy laws elsewhere.

"There appears to be a sense of chaos and confusion in the government as to how to reconcile privacy principles with legitimate enforcement interests," said Mr Greg Austin, a cybersecurity expert at the University of New South Wales in Canberra.