<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">I had a fairly long session in front of
the PJCIS hearing on Friday afternoon. The audio stream isn't up
on APH yet, but theres been a few articles in the IT media.<br>
<br>
<a class="moz-txt-link-freetext" href="https://www.zdnet.com/article/no-need-to-keep-encryption-busting-capabilities-secret-internet-australia/">https://www.zdnet.com/article/no-need-to-keep-encryption-busting-capabilities-secret-internet-australia/</a><br>
<a class="moz-txt-link-freetext" href="https://www.itwire.com/government-tech-policy/85302-encryption-bill-problems-due-to-secret-drafting,-says-ia.html">https://www.itwire.com/government-tech-policy/85302-encryption-bill-problems-due-to-secret-drafting,-says-ia.html</a><br>
<br>
There are two more hearings, both in Canberra scheduled 27th and
30th November. They should be livestreamed with video, while this
Sydney hearing was only audio.<br>
<br>
There are more submissions rolling in and being published almost
daily, despite the formal submissions period being 'closed'. If
you'd like to tell the PJCIS what you think, they will still
accept and publish submissions -
<a class="moz-txt-link-freetext" href="https://www.aph.gov.au/Parliamentary_Business/Committees/Joint/Intelligence_and_Security/TelcoAmendmentBill2018/Submissions">https://www.aph.gov.au/Parliamentary_Business/Committees/Joint/Intelligence_and_Security/TelcoAmendmentBill2018/Submissions</a><br>
<br>
One of the latest (#85) is from Senatas, an Australian
manufacturer and vendor of network encryption security devices,
warning of economic damage to Australia's IT export industry.<br>
<br>
Paul (wearing hat as Chair, Internet Australia)<br>
<br>
<br>
<br>
<br>
On 18/11/2018 11:45 AM, Paul Wilkins wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAMmROTK1+vT4DShO6VVi3b9TC3UEg1onrbByZ3JF42TopQAGjw@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<div dir="ltr">
<div dir="ltr">
<div>This list was intended to highlight salient concerns, and
not as a summary of the areas of real concern. A more
complete summary of concerns would look more like:</div>
<div><br>
</div>
<div>
<div>1 - Why is there no judicial oversite of these sweeping
police powers?</div>
<div>2 - Scope of powers go beyond terrorism and serious
crime when it's not supposed to.<br>
</div>
<div>3 - It supports the establishment of the machinery of
mass surveillance when it's not supposed to.<br>
</div>
<div>4 - It weakens the Internet's security, when it's not
supposed to.</div>
<div>5 - Why are there no limits to ensure issue of
TCNs/TANs/TARs are necessary and proportionate to the
human right to privacy, unrevokeable per the Declaration
of Human Rights.</div>
<div>6 - Why the deliberate exclusion/incompatibility of the
provisions of the Privacy Act 1988?<br>
</div>
<div>7 - Why are there no limits to ensure issue of
TCNs/TANs/TARs are necessary and proportionate to service
providers rights private property, unrevokeable per the
Declaration of Human Rights.</div>
</div>
<div>
<div>8 - When Police Powers lie with the States, what
constitutional head of power supports the Bill's scope,
without enabling legislation from the States conferring
power? The Constitution confers national security powers,
but the scope of the Bill's police powers exceeds this
remit.<br>
9 - Why has the Bill overlooked the obvious alternative of
powers spread across a dozen Law Enforcement Agencies,
which is to centralise in one single agency, providing for
greater data security, governance, efficiency, and
accountability.<br>
10 - Why the lack of provisions for accountability for the
exercise of police powers, and checks and balances
commensurate to the reach of sweeping police powers, quite
incompatible with the democratic institutions and
traditions of Liberal Democracy?<br>
11 - Why the deliberately curtailed public consultation
process and attempt to ambush both the public and
government with this Bill by Dep't Home Affairs, and
representations of public and industry consultations as
being timely and adequate, incompatible with the facts on
the public record and the express concerns of the public,
human rights groups, and industry?<br>
12 - Why the absence of recompense for injury to
reputation or to service providers' business, or other
injury consequent to police malfeasance or misfeasance?
The Bill's protections are not comprehensive, and where
they make provision, go only as far as to establish lack
of liability for unlawful disclosures.<br>
13 - Why has the government of the day referred this
deeply flawed Bill to the PJCIS, PJCHR, and the SSCSB, for
review wasting public time and money, rather than sending
it back to Dep't Home Affairs for a complete overhaul of
it's scope and objectives?<br>
</div>
<div><br>
</div>
<div>Kind regards</div>
<div><br>
</div>
<div>Paul Wilkins</div>
<div><br>
</div>
<div>
<div class="gmail_quote">
<div dir="ltr">On Sat, 17 Nov 2018 at 13:10, Paul
Wilkins <<a href="mailto:paulwilkins369@gmail.com"
moz-do-not-send="true">paulwilkins369@gmail.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px
0px 0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div>These are all good points.</div>
<div><br>
</div>
<div>Home Affairs put up this Bill on the premise
it's needed to fight terrorism and serious crime
in the context of increasing use of encryption.
Unfortunately, this isn't that bill.<br>
</div>
<div><br>
</div>
<div>Home Affairs seem rather uninterested in
explaining why the remit of this Bill goes well
beyond this:</div>
<div><br>
</div>
<div>1 - Why is there no judicial oversite of these
sweeping police powers?</div>
<div>2 - Scope of powers go beyond terrorism and
serious crime when it's not supposed to.<br>
</div>
<div>3 - It supports the establishment of the
machinery of mass surveillance when it's not
supposed to.<br>
</div>
<div>4 - It weakens the Internet's security, when
it's not supposed to.</div>
<div>5 - Why are there no limits to ensure issue of
TCNs/TANs/TARs are necessary and proportionate to
the human right to privacy, unrevokeable per the
Declaration of Human Rights.<br>
</div>
<div>6 - Why are there no limits to ensure issue of
TCNs/TANs/TARs are necessary and proportionate to
service providers rights private property,
unrevokeable per the Declaration of Human Rights.</div>
<div><br>
</div>
<div>Unfortunately the way the Bill's drafted, the
only limit on the use of the Bill's powers is the
Dep't Home Affairs.</div>
<div><br>
</div>
<div>There's also the very interesting
constitutional question, how, when Police Powers
lie with the States, what constitutional head of
power supports the Bill's scope, without enabling
legislation from the States conferring power.<br>
</div>
<div><br>
</div>
<div>Kind regards</div>
<div><br>
</div>
<div>Paul Wilkins<br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr">On Sat, 17 Nov 2018 at 10:34, Scott
Weeks <<a href="mailto:surfer@mauigateway.com"
target="_blank" moz-do-not-send="true">surfer@mauigateway.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px
0px 0px 0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex"><br>
<br>
It's still Friday here, so I am looking like I'm
working <br>
while reading these posts as I only have an hour
and a <br>
half to go before happy hour starts... ;-)<br>
<br>
<br>
--- <a
href="mailto:christian.heinrich@cmlh.id.au"
target="_blank" moz-do-not-send="true">christian.heinrich@cmlh.id.au</a>
wrote:<br>
From: Christian Heinrich <<a
href="mailto:christian.heinrich@cmlh.id.au"
target="_blank" moz-do-not-send="true">christian.heinrich@cmlh.id.au</a>><br>
<br>
Also <br>
<a
href="https://www.smh.com.au/national/nsw/are-encrypted-phones-allowing-criminals-to-get-away-with-murder-20150523-gh82gv.html"
rel="noreferrer" target="_blank"
moz-do-not-send="true">https://www.smh.com.au/national/nsw/are-encrypted-phones-allowing-criminals-to-get-away-with-murder-20150523-gh82gv.html</a><br>
which was 55 devices and 800 clients.<br>
<br>
Therefore the TAC et al are overkill within the
context of the<br>
Australian population of 25,000,000+<br>
------------------------------------------------<br>
<br>
This is a joke. Right? <br>
<br>
"...with the devices being used to arrange at
least two recent <br>
murders and hampered investigations into at least
two others."<br>
<br>
"Phantom Secure...enables messages to be sent and
ledgers kept <br>
on a device which investigators cannot crack or
intercept."<br>
<br>
"...we are confident we can erode their impact."<br>
<br>
So if the criminals used postal mail to arrange
those crimes<br>
and sent ledgers in the postal mail, would they
say 'we have <br>
to be able to read every postal mail' to erode
their impact <br>
and ensure safety and national security??? And, 4
crimes <br>
happened on a cell phone that's encrypted, so we
need to be <br>
able to read the contents of 25 million+ cell
phones whenever <br>
we want. Just in case. <br>
<br>
<br>
"...representatives from the NSW Police have
travelled to <br>
BlackBerry's headquarters in Canada in a bid to
get advice <br>
on how to retrieve information from the encrypted
devices."<br>
<br>
Wow, a free trip to Canada because they can't do
phone calls <br>
of internet video conferencing? Something stinks!<br>
<br>
<br>
======================================<br>
<br>
<br>
<a
href="http://www.abc.net.au/news/2017-09-04/queensland-fraud-squad-raised-$800k-three-years-project-synergy/8858852"
rel="noreferrer" target="_blank"
moz-do-not-send="true">http://www.abc.net.au/news/2017-09-04/queensland-fraud-squad-raised-$800k-three-years-project-synergy/8858852</a><br>
<br>
"Earlier this year the ABC lodged a right to
information <br>
application for documents outlining how much money
had <br>
been raised by Project Synergy.<br>
<br>
It was refused by Queensland Police."<br>
<br>
"The QPS has told the ABC that money raised was
used for <br>
training, cyber-safety programs and fraud
awareness."<br>
<br>
BWAHAHAHAHA! No we're not going to tell you how
we spent <br>
tons of money we shouldn't have spent. (Maybe for
fun on <br>
the Canada trip?)<br>
<br>
"...including some questionable items such as wine
<br>
coolers for a children's program".<br>
<br>
Further, we're going to get the kids drunk, so
they won't <br>
either.<br>
<br>
>:-) <= evil grin<br>
<br>
scott<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net"
target="_blank" moz-do-not-send="true">AusNOG@lists.ausnog.net</a><br>
<a
href="http://lists.ausnog.net/mailman/listinfo/ausnog"
rel="noreferrer" target="_blank"
moz-do-not-send="true">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
<br>
<br>
_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net"
target="_blank" moz-do-not-send="true">AusNOG@lists.ausnog.net</a><br>
<a
href="http://lists.ausnog.net/mailman/listinfo/ausnog"
rel="noreferrer" target="_blank"
moz-do-not-send="true">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
</blockquote>
</div>
</blockquote>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
AusNOG mailing list
<a class="moz-txt-link-abbreviated" href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a>
<a class="moz-txt-link-freetext" href="http://lists.ausnog.net/mailman/listinfo/ausnog">http://lists.ausnog.net/mailman/listinfo/ausnog</a>
</pre>
</blockquote>
<p><br>
</p>
</body>
</html>