New push on cyber ‘security’ laws

Worried about online privacy? You should be. Photo: Flickr

Worried about online privacy? You should be. Not only are social media corporations spying on you, thanks to Australia’s draconian, poorly-written and over-reaching cyber “security” laws, the government now want to muscle in further on Big Brother’s territory.

Currently, data and information about your calls, texts and internet browsing history is being for up to two years (although sometimes longer). It can be made available to law enforcement agencies. The Telecommunications and Other Legislation Amendment (Assistance and Access) Act (TOLA), which passed with bipartisan support in 2018, as being like “giving the government keys to your house so they can come in anytime”.

TOLA is aimed at busting data encryption and contains far-reaching rules which threaten the privacy of ordinary citizens, as well as journalists and whistleblowers. As director for the Centre for Cyber Security Research & Innovation (CSRI) at Deakin University put it, TOLA ensures you have “no privacy” when it comes to your online information and any technology you use.

But this is not enough for the Coalition government. On February 19, the that it is seeking to allow the Australian Signals Directorate (ASD), Australia’s radio and telecommunication spy agency, to have more power to spy and hack in Australia, ostensibly because law enforcement agencies do not have enough power to tackle terrorist groups and online paedophile rings.

The ABC said such a change, already in an advanced stage, would allow the Australian Federal Police (AFP) to ask the ASD for assistance, or it could extend the cyber capability of the AFP. Home Affairs Minister Peter Dutton is on the record as wanting to expand the ASD’s powers.

This should be a major concern for all. The AFP raid on News Corp journalist Annika Smethurst last April after she broke the story that the government was seeking to expand its domestic spying powers is a case in point.

The government’s justification for its new spy powers relies on scaremongering about terrorists and paedophiles.

While Labor supported TOLA unamended, it has which include changing the definition of what is considered a “systemic vulnerability” so, for example, the government would not be able to order WhatsApp to completely remove end-to-end encryption from its service.

There is already : laws are being used in ways beyond the scope that was initially justified and intended. At a hearing of the (PJCIS) into the data retention laws in early February, examples were given of agencies and departments accessing the metadata that went far beyond the remit the legislation allowed. This included telcos along with metadata and enforcement agencies authorising metadata requests.

Dutton’s Department of Home Affairs was by the Commonwealth Ombudsman for not accurately accounting for the communication and metadata retention.

In early February, the South Australian health department revealed it had of a couple that had recently arrived from China and potentially had contracted coronavirus. Leaving aside the question of whether or not this was justified, it is beyond the “serious criminal investigation” scope of the metadata retention laws. As well, there are many other government agencies, , that would also love to have similar access.

The data and privacy breaches being tabled at the PJCIS only confirm the concerns raised by IT professionals and members of legal and privacy groups. In almost every instance, their making any talk of a “public dialogue” about an expansion of the ASD’s powers hollow.

Given the powers already available to law enforcement agencies under the data retention and TOLA laws, Dutton’s claim that are disingenuous.

As the data retention laws show, once law enforcement agencies have access to more power, they are Rather, they will .

A Bill of Rights is needed to provide some legal protections for the privacy and rights of citizens, journalists and whistleblowers from government spying.