This article is from the source 'guardian' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at https://www.theguardian.com/australia-news/2018/aug/20/tech-giants-warn-coalition-bill-opens-customers-up-to-cyber-attack

The article has changed 4 times. There is an RSS feed of changes available.

Version 0 Version 1
Tech giants warn Coalition bill opens customers up to cyber attack Tech giants warn Coalition bill opens customers up to cyber attack
(about 2 hours later)
The peak body representing tech giants Facebook, Google, Twitter and Amazon has blasted a Coalition bill that would force them to assist law enforcement agencies in decrypting private communications.The peak body representing tech giants Facebook, Google, Twitter and Amazon has blasted a Coalition bill that would force them to assist law enforcement agencies in decrypting private communications.
The Digital Industry Group Inc has rejected government claims the draft bill, to be released on Tuesday, would not require communications providers to build weaknesses into their products and warned it would open users’ data up to attack. The Digital Industry Group Inc has rejected government claims the draft bill, released last Tuesday, would not require communications providers to build weaknesses into their products and warned it would open users’ data up to attack.
The bill grants the attorney-general a power to issue a “technical capability notice” requiring tech companies to build a new capability that would enable them to give assistance to Asio and interception agencies.The bill grants the attorney-general a power to issue a “technical capability notice” requiring tech companies to build a new capability that would enable them to give assistance to Asio and interception agencies.
Companies cannot be asked to “implement or build a systemic weakness, or a systemic vulnerability, into a form of electronic protection” but could be asked to help break open particular communications.Companies cannot be asked to “implement or build a systemic weakness, or a systemic vulnerability, into a form of electronic protection” but could be asked to help break open particular communications.
In a statement on Monday, the Digi managing director, Nicole Buskiewicz, said that protecting the public is a priority for both government and industry, but that includes “protecting the public’s privacy and data from attack”.In a statement on Monday, the Digi managing director, Nicole Buskiewicz, said that protecting the public is a priority for both government and industry, but that includes “protecting the public’s privacy and data from attack”.
She warned such an attack “would likely be an unintended consequence of this bill”.She warned such an attack “would likely be an unintended consequence of this bill”.
“The reality is that creating security vulnerabilities, even if they are built to combat crime, leaves us all open to attack from criminals.“The reality is that creating security vulnerabilities, even if they are built to combat crime, leaves us all open to attack from criminals.
“This could have devastating implications for individuals, businesses, public safety and the broader economy.”“This could have devastating implications for individuals, businesses, public safety and the broader economy.”
Under the proposed legislation, the director general of security or head of an intercepting agency can issue a “technical assistance notice” for a company to assist in decryption where a warrant has already been issued to intercept telecommunications.Under the proposed legislation, the director general of security or head of an intercepting agency can issue a “technical assistance notice” for a company to assist in decryption where a warrant has already been issued to intercept telecommunications.
But no warrant is required for a “technical capability notice” issued by the attorney-general, only consultation with the affected party.But no warrant is required for a “technical capability notice” issued by the attorney-general, only consultation with the affected party.
Buskiewicz said that DIGI was “extremely concerned at the lack of judicial oversight and check and balances with this legislation”.Buskiewicz said that DIGI was “extremely concerned at the lack of judicial oversight and check and balances with this legislation”.
Fergus Hanson, the head of international cyber policy at the Australia Strategic Policy Institute said the government proposal was “a big improvement” on earlier suggestions companies could be required to introduce systemic vulnerabilities.
Hanson said the bill still allowed law enforcement to demand encryption be peeled back where there is an existing capability, such as a key, that allowed decryption.
The shadow attorney general Mark Dreyfus said Labor was still in the process of analysing the exposure draft bill.The shadow attorney general Mark Dreyfus said Labor was still in the process of analysing the exposure draft bill.
“It is important that this bill does not produce any systemic weaknesses that would erode privacy and security for all,” he said, “and create vulnerabilities that could just as easily be exploited by criminals seeking to target law-abiding members of the community.”“It is important that this bill does not produce any systemic weaknesses that would erode privacy and security for all,” he said, “and create vulnerabilities that could just as easily be exploited by criminals seeking to target law-abiding members of the community.”
The Coalition argues the bill is necessary because more than 90% of data intercepted by the Australian federal police used some form of encryption.The Coalition argues the bill is necessary because more than 90% of data intercepted by the Australian federal police used some form of encryption.
The law enforcement and cyber security minister, Angus Taylor, has said encryption has “directly impacted around 200 serious criminal and terrorism-related investigations in the last 12 months alone”.The law enforcement and cyber security minister, Angus Taylor, has said encryption has “directly impacted around 200 serious criminal and terrorism-related investigations in the last 12 months alone”.
Taylor said the reforms “will allow law enforcement and interception agencies to access specific communications without compromising the security of a network”.Taylor said the reforms “will allow law enforcement and interception agencies to access specific communications without compromising the security of a network”.
The Greens oppose the legislation. Senator Jordan Steele-John has said the legislation would allow security agencies to install software to capture data as it is decrypted on the receiving end “undermining the very principle of end-to-end encryption”.The Greens oppose the legislation. Senator Jordan Steele-John has said the legislation would allow security agencies to install software to capture data as it is decrypted on the receiving end “undermining the very principle of end-to-end encryption”.
Australian politicsAustralian politics
FacebookFacebook
TwitterTwitter
InternetInternet
newsnews
Share on FacebookShare on Facebook
Share on TwitterShare on Twitter
Share via EmailShare via Email
Share on LinkedInShare on LinkedIn
Share on PinterestShare on Pinterest
Share on Google+Share on Google+
Share on WhatsAppShare on WhatsApp
Share on MessengerShare on Messenger
Reuse this contentReuse this content