A cybersecurity researcher has warned that the anti-encryption laws passed last year by the federal parliament in Australia are being used to circumvent journalist protection in other national security laws. A review launched by the parliamentary joint committee on security will now look into 2018's Telecommunications Assistance an Access Act.
The legislation changed several changes to existing laws, specifically addressing law enforcement access to data, and in what situations tech companies are obliged to hand in the data to the authorities for them to see it, even when it is encrypted.
A controversial part of the updates made granted the power to law enforcement to add, copy, delete, or alter data on computers subjected to the execution of a warrant. This is the new power that the Australian federal police relied on, in the infamous case of police officers screening through and reviewing files for hours in the ABC headquarters.
The Department of Home Affairs admitted that the AFP relied on the power in June, to raid the ABC and the Canberra home of News Corp journalist Annika Smethurst.
The Department stated that “in June 2019, the Australian federal police executed two search warrants in relation to secrecy offenses in part 6 (offenses by and against public officers) and part 7 (official secrets and unlawful soundings) of the Crimes Act.”
“In executing these search warrants, the AFP used section 3F of the Crimes Act, which was amended by schedule 3 of the Assistance and Access Act.”
Riana Pfefferkorn, associate director of surveillance and cybersecurity at Stanford Center for Internet and Society, pointed out that this undermines the protection granted to journalists under other national security laws.
The data retention legislation, in fact, had a niche for journalists that imposed law enforcement to have a specific warrant for journalists. In a personal submission to the review, Pfefferkorn said that the combination of the new powers de facto invalidates the need to obtain a specific warrant.
“Law enforcement's powers granted under the Data Retention Act in 2015 were augmented by the new powers the Assistance and Access Act provided at the end of 2018, creating the framework that authorised the federal police in mid-2019 to raid the homes and offices of journalists over articles published in July 2017 and April 2018, in defiance of international norms,” said Pfefferkorn.
“Because parliament passed these laws, the federal police had the power to strike a chilling blow against press freedom in Australia, and call it lawful.”
Tech companies including Apple, Adobe, Cisco, Deloitte, Google, and IBM – represented by the Australian Information Industry Association – said that they are considering leaving Australia due to the new legislative obligations.