Government’s encryption bill ‘fatally flawed,’ UN privacy watchdog says

United Nations special rapporteur on the right to privacy criticises government’s ‘poorly conceived’ encryption bill

The United Nations special rapporteur on the right to privacy has written to the government expressing concern over a bill intended to provide law enforcement agencies with new powers to access online communications services.

The Telecommunication and Other Legislation Amendment (Assistance and Access) Bill 2018 is an “example of a poorly conceived national security measure,” wrote Joseph Cannataci in his letter, which was sent to former foreign minister Julie Bishop and also submitted to an inquiry into the proposed legislation being conducted by the Parliamentary Joint Committee on Intelligence and Security.

The bill “is equally likely to endanger security as not,” Cannataci wrote — a criticism that has also been made by representatives of the technology and telecommunications sectors. Local human rights groups have also attacked the government's proposals.

The special rapporteur questioned whether the bill could achieve its aims without weakening the security of devices such as smartphones, tablets, cars and smart watches.

The bill contains “weak oversight and accountability structures,” including allowing the Attorney-General to issue Technical Capability Notices (instructions to a company to build a certain capability into their service) without judicial oversight. In addition, Technical Assistance Notices (instructions to use existing capabilities) can be issued by the head of an interception agency or their delegate without prior judicial authorisation.

Before TANs or TCNs are issued, the decision-maker must assess their “reasonableness and proportionality”.

“The people who occupy these positions are trusted to exercise suitable judgment about the propriety of requests and well equipped to consider the reasonableness and proportionality of any requirements,” said a Department of Home Affairs explanatory document released alongside an exposure draft of the bill.

“While heart-warming that such a state of trust exists in Australia, greater confidence would be generated in domestic and international quarters if the legislation established an independent mechanism that verifies proper conduct and use of these far-reaching powers by such decision makers,” Cannataci said.

He also took aim at provisions in the bill he said are “vague, overly broad or not defined” including the term “national security”.

The letter states that the special rapporteur’s concerns are compounded by the government’s “failure to provide remedy for serious invasions of privacy”.

“Further, currently Australia has limited human rights and privacy protections – it has no constitutional protection for privacy; it has no Bill of Rights that enshrines privacy, there is no tort of privacy, and unlike its neighbour, New Zealand, it has failed European adequacy assessments,” the document states.

“The Assistance and Access Bill is unlikely to be workable in some respects and is an unnecessary infringement of basic liberties in others. The broad drafting provides a high level of discretion on the use of these exceptional powers not to the Parliament but to agencies and the Attorney General. Its aims do not justify a lack of judicial oversight, or independent monitoring, or the extremely troubling lack of transparency.”

The bill “needs to be put aside” as it is “fatally flawed”.

The full document is available online (PDF).

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags privacycyber securitywar on maths

More about Attorney-GeneralAustraliaBillHomeUnited Nations

Show Comments