<div dir="ltr"><div dir="ltr"><div>Haven't properly checked the numbers behind this graph. I'm in the process of putting together a cost analysis of the Access & Assistance regime as proposed, versus the costs where all TCNs/TANs/TARs are managed through the one central agency.<br><br>I think there's 2 very interesting things of note:<br><br>1 - The very considerable (2x) cost of the framework as proposed versus the cost of centralising<br><br>2 - The very obvious economies of scale as you ramp up to large numbers of requests from Law Enforcement - demonstrating the anticompetitive consequences of the proposed regime<br><br>Kind regards<br><br>Paul Wilkins<br><br></div><div><br></div><div><div><img src="cid:ii_jmwz10sq0" alt="image.png" width="422" height="220"><br></div></div></div></div><br><div class="gmail_quote"><div dir="ltr">On Fri, 28 Sep 2018 at 08:27, Paul Brooks <<a href="mailto:pbrooks-ausnog@layer10.com.au">pbrooks-ausnog@layer10.com.au</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<div class="m_-3068891009702505054moz-cite-prefix">This is how I put it for an article in
CommsDay yesterday, as an Internet Australia position:<br>
-------------------<br>
The government is clearly trying to rush this through in a sham
process with no real good-faith effort being made on consultation
with external experts or the community.<br>
<br>
Allocating just a single day for public hearings is extremely
short-sighted, given the high interest and volume of submissions
to the original Dept of Home Affairs consultation, including many
highly respected international stakeholders. The PJCIS will not
know how many submissions it will receive or requests to appear at
public hearings until at least 2nd October and probably later -
only then will the Committee be able to assess how many days of
hearings it will need to hear from all stakeholders. The process
is far too short to enable the many international experts from
institutions such as MIT, Harvard and the Internet Architecture
Board to plan travel to Australia to appear.<br>
<br>
It is also telling that the single scheduled hearing day is only
one week after the close of submissions, leaving insufficient time
for the Committee to read and fully evaluate all the submissions
it is likely to receive - this will in turn reduce the value of
the public hearings in assisting the Committee to delve into the
many substantial problems with the proposed legisaltion. <br>
<br>
We request the Department accelerate the publication of all the
submissions to its enquiry - it appears to only have published
submissions from names beginning with A-E so far - and call on the
government to allow the PJCIS all the time it will require to
properly evaluate all the submissions it will receive, and
schedule as many public hearing days as it needs to become fully
informed of the consequences and dangers for the public and for
the global communications infrastructure if this Bill proceeds
unchanged.<br>
<br>
Regards,<br>
Paul.<br>
<br>
<br>
(I haven't actually seen the CommsDay article, if anybody
subscribes could you please send it to me? :-))<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
On 27/09/2018 11:34 AM, Paul Wilkins wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">To my mind, treatment by Attorney General's of
the consultation process holds the public and industry in
contempt. With under 2 weeks between closure of submissions
and transfer to PJCIS, how could they have even read all
submissions, let alone given them due consideration? The
bearest of amendments fiddling at the edges serves only so
that Dutton can tell the House industry has been consulted,
before steamrolling an ill prepared Bill through the House.<br>
<br>
The Guardian article suggests Labor support is iffy. But I'm
not even convinced Liberals are behind this, the push seems
to emanate from Attorney General's.<br>
<br>
For anyone with serious concerns, looking to delay passage
of the Bill to give sufficient time to allow development of
a considered well designed framework, with a workable and
proportionate regime, I'd be writing to local members and
pointing out where the Bill is premature, deficient and
badly framed.<br>
<br>
Kind regards<br>
<br>
Paul Wilkins<br>
<br>
</div>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr">On Thu, 27 Sep 2018 at 11:07, Paul Wilkins <<a href="mailto:paulwilkins369@gmail.com" target="_blank">paulwilkins369@gmail.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">
<div><a href="https://www.theguardian.com/australia-news/2018/sep/27/australias-spyware-law-could-expose-phones-to-exploitation-business-group-warns" target="_blank">https://www.theguardian.com/australia-news/2018/sep/27/australias-spyware-law-could-expose-phones-to-exploitation-business-group-warns</a></div>
<div><br>
</div>
<div>Submission by <a href="https://www.homeaffairs.gov.au/consultations/Documents/australian-information-industry.pdf" target="_blank">Australian
Information Industry Association</a></div>
<br>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr">On Tue, 25 Sep 2018 at 17:58, Paul Brooks
<<a href="mailto:pbrooks-ausnog@layer10.com.au" target="_blank">pbrooks-ausnog@layer10.com.au</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<div class="m_-3068891009702505054m_-8122858438961033763m_7476132786117279664moz-cite-prefix">I've
heard the PJCIS process will also be rushed. Calls for
'intentions to submit/reqests to appear' are open now
for a few weeks only.<br>
<b>They are planning precisely 1 single day for public
hearings. No more.</b><br>
<br>
There are three sitting weeks left in the year. There
is an election to be called next year probably in May,
and caretaker conventions which would prevent any
further work on this bill from sometime in April. so
the Government's need for an accelerated process is
clear.<br>
<br>
All these points below need to be made in submissions
to the PJCIS now, so that they can easily see they'll
need more than 1 day to get through all the witnesses
that want to appear and make these points.<br>
<br>
<a class="m_-3068891009702505054m_-8122858438961033763m_7476132786117279664moz-txt-link-freetext" href="https://www.aph.gov.au/Parliamentary_Business/Committees/Joint/Intelligence_and_Security/TelcoAmendmentBill2018" target="_blank">https://www.aph.gov.au/Parliamentary_Business/Committees/Joint/Intelligence_and_Security/TelcoAmendmentBill2018</a><br>
<blockquote type="cite">The Committee is currently
accepting submissions to this review. Submissions
should be provided no later than <strong>12pm,
Friday, 12 October 2018.</strong> If you intend to
make a submission, please contact the Secretariat at
<a href="mailto:TOLAbill@aph.gov.au" target="_blank">TOLAbill@aph.gov.au</a> by
Tuesday, 2 October 2018 to assist with planning.
Hearings are expected to be held on Friday, 19
October 2018.</blockquote>
<br>
Please - send an email now to <a class="m_-3068891009702505054m_-8122858438961033763m_7476132786117279664moz-txt-link-abbreviated" href="mailto:TOLAbill@aph.gov.au" target="_blank">TOLAbill@aph.gov.au</a> to
confirm you will (a) make a submission, and (b) wish
to appear at the public hearing - and then work out
what you want to say. Re-sending a submission
previously sent to the Home Affairs sham consultation
would be a good start - the committee may not be given
the submissions sent in earlier this month to Home
Affairs..<br>
<br>
And clear your diaries for Friday 19th October - maybe
in Canberra if there is to be only one day. I'm still
waiting on confirmation of venue.<br>
<br>
Paul.<br>
<br>
<br>
On 25/09/2018 5:05 PM, Paul Wilkins wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div dir="ltr">I'm thinking Dutton's decision to
push ahead with an ill drawn bill wasn't
completely isolated from his and the government's
need to change the news cycle around his au pair
scrape.<br>
<br>
Which is not to say the cops don't have active
activations they want these powers for, and as
soon as possible. A big bust with Dutton's new
powers would be a shot in the arm for the
government's fortunes.<br>
<br>
However, the Bill doesn't deserve to pass, because
it's not ready, and will lead to unhappy outcomes,
particularly for service providers. Everyone has
their concerns, these are mine:<br>
<br>
1 - The multiplicity of agencies and agents who
can authorise TANs and TARs.<br>
<br>
1a - Warrant data and service provider data will
reside with the issuing agencies.<br>
<br>
Hence, the government needs to reconsider the
whole approach, and instead, have one agency act
as a clearing house for TCN/TAN/TARs, and act as
custodian of warrant data and service provider
confidential data.<br>
<br>
2 - The lack of civil appeal process against
TCN/TAN/TARs.<br>
Grounds for appeal to either refuse or delay
assistance should include:<br>
Cost, security management, risk management,
business management processes, disruption to
business, disparity of TCN/TAN/TAR with Privacy
Act 1988.<br>
<br>
2a - The real possibility TAN/TARs will be used by
Law Enforcement to coerce unlawful
access/disclosure.<br>
<br>
3 - The low bar required to issue TCN/TAN/TARs.
The government's case for these powers is serious
crime and terrorism. I don't know, but I imagine
they settled for "serious crime as defined under
the Crimes Act" because (again I'm guessing)
that's the standard for physical warrants? It'd be
good to be clear as to this point, because cyber
warrants and physical warrants are, I think we'll
agree, different in kind. It's one thing to
execute a physical warrant, which means you have
to give Law Enforcement entry, but I feel 2 years
sets the bar a little low to let Law Enforcement
go snooping about a data centre, or pushing
bootloader updates to your phone.<br>
<br>
4 - The lack of accountability. The reporting
requirements are a rubber stamp, and leave the
public none the wiser how these powers are being
used, whether they're successful, and to what ends
they're exercised. They will of course be used by
the AFP to pursue journalist sources of government
leaks. I'm not sure it's clear all leaks are
against the public interest. There's that problem
where the government's interests, and the public
interest, are not always the same thing.<br>
<br>
4a - There needs to be specific details as to the
use of the power to enforce silence as to the
existence of TCN/TAN/TARs. I'm thinking this power
to suppress shouldn't lie with Law Enforcement at
all, but should rather form part of the terms of
the accompanying computer/data warrants.<br>
<br>
5 - The Emergency provisions make the police a
power answerable to themselves for 48 hours.<br>
<br>
6 - The definition of "computer" which extends to
any data held on any computer connected on "the
same network" - which can be read as extending to
the internet and anything that connects to the
internet.<br>
<br>
7 - I think the drafting is flawed, where
TCN/TAN/TARs restrict themselves to a target
computer. I think it's arguable the Bill doesn't
extend to compelling access to ancillary
computers/network devices, needed to extract data
from the target computer.</div>
<div dir="ltr"><br>
</div>
<div dir="ltr">
<div>Kind regards</div>
<div class="m_-3068891009702505054m_-8122858438961033763m_7476132786117279664gmail-yj6qo
m_-8122858438961033763m_7476132786117279664gmail-ajU">
<div id="m_-3068891009702505054m_-8122858438961033763m_7476132786117279664gmail-:qx" class="m_-3068891009702505054m_-8122858438961033763m_7476132786117279664gmail-ajR"><img class="m_-3068891009702505054m_-8122858438961033763m_7476132786117279664gmail-ajT" src="https://ssl.gstatic.com/ui/v1/icons/mail/images/cleardot.gif"></div>
</div>
<span style="color:rgb(0,0,0)"><span class="m_-3068891009702505054m_-8122858438961033763m_7476132786117279664gmail-HOEnZb
m_-8122858438961033763m_7476132786117279664gmail-adL">
<div><br>
</div>
<div>Paul Wilkins</div>
</span></span></div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr">On Tue, 25 Sep 2018 at 13:51, <<a href="mailto:trs80@ucc.gu.uwa.edu.au" target="_blank">trs80@ucc.gu.uwa.edu.au</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On
Tue, 25 Sep 2018, Paul Wilkins wrote:<br>
<br>
> Australia is bound under international law
against arbitrary or unlawful incursions of the
right to privacy. That's black letter<br>
> law.<br>
<br>
We are also bound under international law the 1951
Refugee Convention. The <br>
Australian government removed references to the
convention from the laws <br>
of Australia, so the courts can no longer enforce
it. See also this great <br>
quote:<br>
<br>
The Court held that Australian courts are bound to
apply Australian <br>
statute law “even if that law should violate a
rule of international law.”<br>
<br>
<a href="http://ilareporter.org.au/2018/04/australias-disengagement-from-international-refugee-law-the-principle-of-non-refoulement-and-the-doctrine-of-jurisdiction-sophie-capicchiano-young/" rel="noreferrer" target="_blank">http://ilareporter.org.au/2018/04/australias-disengagement-from-international-refugee-law-the-principle-of-non-refoulement-and-the-doctrine-of-jurisdiction-sophie-capicchiano-young/</a><br>
<a href="http://www.austlii.edu.au/cgi-bin/sinodisp/au/cases/cth/HCA/2015/1.html" rel="noreferrer" target="_blank">http://www.austlii.edu.au/cgi-bin/sinodisp/au/cases/cth/HCA/2015/1.html</a>
p462<br>
<br>
So as Mark said, these international "laws" mean
nothing here unless <br>
enacted by the Australian parliament. And specific
bills, like the <br>
Assistance and Access Bill can override them at
will.<br>
<br>
-- <br>
# TRS-80 trs80(a)<a href="http://ucc.gu.uwa.edu.au" rel="noreferrer" target="_blank">ucc.gu.uwa.edu.au</a>
#/ "Otherwise Bub here will do \<br>
# UCC Wheel Member <a href="http://trs80.ucc.asn.au/" rel="noreferrer" target="_blank">http://trs80.ucc.asn.au/</a>
#| what squirrels do best |<br>
[ "There's nobody getting rich writing
]| -- Collect and hide your |<br>
[ software that I know of" -- Bill Gates, 1980
]\ nuts." -- Acid Reflux #231 /</blockquote>
</div>
<br>
<fieldset class="m_-3068891009702505054m_-8122858438961033763m_7476132786117279664mimeAttachmentHeader"></fieldset>
<br>
<pre>_______________________________________________
AusNOG mailing list
<a class="m_-3068891009702505054m_-8122858438961033763m_7476132786117279664moz-txt-link-abbreviated" href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a>
<a class="m_-3068891009702505054m_-8122858438961033763m_7476132786117279664moz-txt-link-freetext" href="http://lists.ausnog.net/mailman/listinfo/ausnog" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a>
</pre>
</blockquote>
<p><br>
</p>
</div>
</blockquote>
</div>
</blockquote>
</div>
<br>
<fieldset class="m_-3068891009702505054mimeAttachmentHeader"></fieldset>
<br>
<pre>_______________________________________________
AusNOG mailing list
<a class="m_-3068891009702505054moz-txt-link-abbreviated" href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a>
<a class="m_-3068891009702505054moz-txt-link-freetext" href="http://lists.ausnog.net/mailman/listinfo/ausnog" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a>
</pre>
</blockquote>
<p><br>
</p>
</div>
_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
</blockquote></div>