After months of industry-led criticism over its proposed encryption bill, the government has now been accused of failing in its preparation for the controversial legislation.
The Parliamentary Joint Committee on Intelligence and Security held its first public hearing on the Telecommunication and Other Legislation Amendment (Assistance and Access) Bill 2018 last Friday.
And while most discussion addressed the substance of the bill, some of the invited industry spokespeople were quick to express their displeasure with the legislative process thus far.
University of Melbourne computing lecturer and Executive Director and Founder of Blueprint for Free Speech, Dr Suelette Dreyfus labelled the proceedings “dismissive”.
“The processes surrounding this bill have thus far been really far from adequate – in fact they’ve been poor,” she told the committee in her opening address.
“My colleagues have elaborated on this dismissive message that it sends from government to the community to rush things.”
After giving an initial indication of its plans last year, the exposure draft was first released by the government on 14 August.
Despite receiving almost 15,000 submissions (although most were formulaic) on the proposed changes, the government fast-tracked the legislation and introduced a slightly amended version to parliament on 20 September.
“I don’t think it’s a good recipe,” said Dr Dreyfus. “I think rushing things through in this way is not democracy – it’s faux democracy.”
Chair of the Policy Committee at Electronic Frontiers Australia, Angus Murray, shared some of Dr Dreyfus’s views.
“With respect, the extremely short consultation period for submissions into this bill and the rapid progression of this process is comprehensively wrong,” he said.
“This process has been rushed without reason and progressed without proper and prior consideration.
“This alone should justify the committee's serious scrutiny.”
Also present at the hearing, representatives from the Department of Home Affairs were able to provide some insight into the bill’s consultation period.
“People from all across the world flew to Australia also for consultations, and we held round tables in Australia with domestic communication providers and also with technology companies, including those from Silicon Valley,” said First Assistant Secretary at the Department of Home Affairs, Hamish Hansford.
“They include domestic communications providers such as Telstra and Optus.
“In Silicon Valley, Apple, Google and Microsoft were all consulted.”
Despite consultation, each company but Microsoft mentioned by Hansford have shared their concerns over the possible weakening of security the changes bring.
Speaking of encryption
The 171-page piece of legislation only mentions the word ‘encryption’ once. Its single use is in reference to avoiding systematic weaknesses.
When quizzed on the matter, Hansford explained this was because the bill – in the eyes of the Department of Home Affairs – is not about breaking encryption.
“It is about what are the tools that law enforcement and intelligence can have not to break encryption,” he said.
“What are the tools and the framework by which law enforcement and intelligence can get access to information that is obtained in a warrant?
“So, we have purposely not used 'encryption' in the bill, because it's about the framework and about access to the issues that encryption causes.”
Although the word encryption is seldom used in the legislation, ‘electronic protection’ regularly comes up.
“We've gone for the broad 'electronic protection' rather than the narrow 'encryption', essentially,” Hansford said.
“It reflects all of the different types of activity a law enforcement or intelligence agency might undertake under legislation. It is not solely focused on encryption.”