<div dir="ltr">My reading isn't as positive. tl;dr - it's too vague and open to intepretation.<div><br></div><div>From the Explanatory Document (<a href="https://www.homeaffairs.gov.au/consultations/Documents/explanatory-document.pdf">https://www.homeaffairs.gov.au/consultations/Documents/explanatory-document.pdf</a>):</div><div><br></div><div>"
Allow the Attorney-General to issue a technical capability notice, requiring a designated
communications provider to build a new capability that will enable them to give assistance as
specified in the legislation to ASIO and interception agencies. A technical capability notice cannot
require a provider to build or implement a capability to remove electronic protection, such as
encryption. The Attorney-General must be satisfied that any requirements are reasonable,
proportionate, practicable and technically feasible. The Attorney-General must also consult with the
affected provider prior to issuing a notice, and may also determine procedures and arrangements
relating to requests for technical capability notices.
"</div><div><br></div><div>So, our government is proposing that it should be able to compel organisations to build capability into their products that allows the various designated interception agencies to access data. The government can't required that they turn off existing electronic protections - but it does not say that they cannot add back-doors, AND it relies on the AG's satisfaction (remembering that s/he's the one issuing the "technical capability notice") that the requirements are reasonable, proportionate... etc.</div><div><br></div><div>I'm still not sure how we plan to force our will on overseas companies. I'm also not convinced that the protections against back-doors are strong enough, particularly when it appears that the AG gets to decide what's appropriate and what isn't, particularly when the various requests and notices are issued by the AG to start with, and the AG will clearly have a vested interest in whatever they want being done as requested.</div></div><br><div class="gmail_quote"><div dir="ltr">On Tue, 14 Aug 2018 at 13:01, Rob Thomas <<a href="mailto:xrobau@gmail.com">xrobau@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I hate to be the ones COMPLIMENTING the Gumbyment, but it's nowhere<br>
near as bad as I thought they were going to make it. It looks like<br>
they've actually spoken to some people who udnerstand crypto.<br>
<br>
The important bits seem to be on Pages 8 and 9 here -<br>
<a href="https://www.homeaffairs.gov.au/consultations/Documents/explanatory-document.pdf" rel="noreferrer" target="_blank">https://www.homeaffairs.gov.au/consultations/Documents/explanatory-document.pdf</a><br>
- where they explain what they can do.<br>
<br>
The only SLIGHTLY worrying bit is the second last part on Page 9 -<br>
They can compel people into "Modifying or substituting a target<br>
service", which seems worryingly vague.<br>
<br>
I haven't read through all of it, and - of course - the devil will be<br>
in the details. But, it's not bad, all things considered.<br>
<br>
--Rob<br>
<br>
On Tue, 14 Aug 2018 at 12:40, I <<a href="mailto:beatthebastards@inbox.com" target="_blank">beatthebastards@inbox.com</a>> wrote:<br>
><br>
> <a href="https://www.homeaffairs.gov.au/about/consultations/assistance-and-access-bill-2018" rel="noreferrer" target="_blank">https://www.homeaffairs.gov.au/about/consultations/assistance-and-access-bill-2018</a><br>
> _______________________________________________<br>
> AusNOG mailing list<br>
> <a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a><br>
> <a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
</blockquote></div>