Alarmed by the broad range of powers being given to Commonwealth security agencies under the Federal Government'sCybercrime Bill 2001, the Australian Computer Society (ACS) last week presented a submission to parliament.
While supporting the legislation "in principle", the ACS has serious reservations about the bill, which allows theDefence Signals Directorate and Australian Security Intelligence Organisation to legally hack systems.
As reported in Computerworld (July 9, 2001 p1), the bill forces companies by law to reveal passwords, keys, codes andcryptographic and stenographic methods used to protect information.
Presenting the submission to the Senate Legal and Constitutional Legislation Committee, ACS vice president Philip Argysaid the bill was supposed to be based on the Model Criminal Code but has made serious departures from the originalreport.
The bill proposes seven new computer offences carrying jail terms of up to 10 years and makes it illegal to possesshacker toolkits, scanners and virus code.
"We need to avoid making criminal offences of innocuous or legitimate computer-related activities and the billpotentially does this through its broad use of language," Argy said.
He pointed out that the original report into the bill warned: "One might just as well argue for offences of impedingthe lawful use of a television or record player."
Argy said seemingly reasonable provisions are converted into precisely the prohibitions the bill was supposed to avoidand leaves everyday activity vulnerable to prosecution "by misguided, if not over-zealous enforcement authorities".
While the ACS supports enforcement, Argy said education within enforcement agencies is a significant element infighting computer-related crime.
"We also want civil liberties protected and to ensure strong legislation isn't used by enforcement agencies forharassment or other ulterior purposes. We are calling for investigative powers to be subject to appropriatesupervision and scrutiny," Argy said.