Issue No 22: 11 September 2018
SAVE THE DATE – Comms Essentials on Space and Satellite
When: Wednesday, 26 September 2018, 9.00am (9.30am start) – 11.30am
Communications Alliance*, AIIA and AMTA joint submission on the exposure draft of the ‘Encryption Bill’
This submission on the exposure draft of the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018 (Bill or Encryption Bill) is lodged by Communications Alliance*, the Australian Information Industry Association (AIIA) and the Australian Mobile Telecommunications Association (AMTA).
Industry shares Government’s desire to protect national security, fight terrorism and crime, enforce law and to enable the relevant agencies to effectively do so in a digital age. Member companies already provide law enforcement and intelligence agencies with various assistance under the Data Retention Regime, the Telecommunications Sector Security Reform (TSSR) and/or through the workings of interception legislation and assistance obligations under the Telecommunications Act 1997.
Encryption underpins almost any online activity. Therefore, it is vital to ensure that encryption, and the resultant trust that communications and transactions (in their widest form) are secure and private, are not weakened. Regrettably, encryption is, at times, also being used to conceal illicit and criminal activities and has the potential to significantly hinder the work of intelligence and law enforcement agencies.
The Associations and their members are strong advocates for cybersecurity, data protection and the protection of privacy. Unfortunately, the exposure draft of the Bill bears the very real risk of severely damaging Australia’s (and international) cybersecurity and, therefore, to act contrary to its stated aim of increasing security for Australians. The proposed Bill not only creates a schism between security and safety on the one hand and privacy rights on the other, it also – and potentially even more importantly – creates friction between security/safety for the purpose of law enforcement and crime prevention, and security/safety of electronic products and services and, consequently, for our everyday digital lives.
In many places the draft legislation is ambiguous. It lacks definition and clarity as to what it is trying to achieve. The lack of clarity and detail raises significant concerns around intent, actual implementation and, ultimately, legislative overreach. The extraordinarily broad application to almost any person or organisation that has dealings with electronic products and services, irrespective of their location, and the extremely wide scope of acts and things that can be requested of those actors further increase concerns of legislative overreach.
The attempted extraterritorial reach of the legislation is unprecedented. Not only does it have the potential to generate anti-competitive outcomes and to create disincentives for providers to offer products and services to Australians, it also creates significant risks for Australian providers to breach laws in foreign jurisdictions when they are taking action as a result of the requirements of the Bill.
The notice processes created under the draft Bill are prone to the exercise of bias and lack an independent assessment mechanism. Equally concerning is the lack of strong judicial oversight of a piece of legislation that has the potential to significantly impact on society’s overall security and the privacy of individuals.
The proposed legislation seeks to break new ground and to set international precedents. Consequently, there is a pressing need to clearly articulate why it is needed and, once consensus is reached, ‘to get it right’, also bearing in mind international obligations and peer nations’ norms. It is imperative that the legislation does not weaken existing cybersecurity structures, carefully balances security and privacy considerations, minimises unintended consequences, and it should be developed within a more holistic framework around cybersecurity, data retention, network security, interception and privacy.
More needs to be done to achieve this. Further consultation (and work on the development of practical measures and their implementation) with all relevant stakeholders, including the Associations and their members, is required prior to the Bill being introduced into Parliament. Industry would welcome the opportunity to review a second exposure draft of the Bill before it is introduced into Parliament.
Once introduced into Parliament, the legislation must be referred to the Parliamentary Joint Committee on Intelligence and Security (PJCIS) for further scrutiny prior to passage.
*NOTE: This submission does not represent the views of NBN Co.
Communications Alliance, DIGI and AIIA joint submission on the exposure draft of the Consumer Data Right Bill
The three Associations have made a joint submission on the exposure draft of the Treasury Laws Amendment (Consumer Data Right) Bill 2018. The Associations raise a number of concerns with the legislation, including:
Family Friendly Filter Program Helps Australian Parents Protect Kids Online
Australian parents wanting to protect their families from unwanted or harmful internet content now have new options under the reinvigorated Family Friendly Filter program operated by Communications Alliance.
Three new filter vendors have now passed the rigorous independent testing needed to be certified as Family Friendly Filter providers.
The newly accredited filters are:
Australians seeking assurance that family members – and children in particular – will not be exposed to inappropriate or potentially harmful internet content can choose a certified filter provider by visiting the Family Friendly Filter page on the Communications Alliance website.
Communications Alliance CEO, John Stanton, said the availability of three certified providers was particularly welcome in an environment of increasing concern about the potentially harmful effects of children being exposed to sexually explicit content online.
“We are working closely with the Office of the eSafety Commissioner on online safety issues, and the Family Friendly Filter program has an important role to play in offering safe options to parents,” Mr Stanton said.
To qualify as a Family Friendly Filter provider, filter vendors must pass stringent testing performed by respected independent testing house, Enex TestLab, which uses an undesirable content site list provided by the Office of the eSafety Commissioner.
The testing criteria include effectiveness, ease of use, configurability, availability of support and agreement by the candidate filter company to update the filter as required by the Office of the eSafety Commissioner – for example where the Office determines following a complaint that a specified site is prohibited under Australian law.
The filters come in a number of levels of classification, enabling families to choose a level of filtering that is suitable to the age of children in the family.
Filters are only one tool that can be used to encourage safe internet access. The Office of the eSafety Commissioner provides a range of information, tools and educational material for parents and schools. The Office also offers help with and accepts complaints regarding cyber bullying and offensive and illegal content.
In addition, many Australian Internet Service Providers (ISPs) have tools and information available to parents concerned about online safety issues.
Some examples include:
Communications Alliance is pleased to welcome the following new member;