Australia’s controversial new laws which allow law enforcement agencies to intercept and surveil encrypted communications have been referred to the country’s Independent National Security Legislation Monitor (INSLM) for scrutiny.
It is the first time in Australian history that legislation has been referred to the INSLM and opens up the possibility that Dr James Renwick, the current INSLM, could recommend changes to the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 which was waved through Parliament late last year.
Why has the encryption law been referred?
The referral has been made by Australia’s by the Parliamentary Joint Committee on Intelligence and Security (PJCIS). They are currently carrying out their own review of the laws.
This is not due to report back until the spring of 2020 at the earliest although their views on the 67 pages of government amendments to the original draft legislation, which were all approved last year, is due shortly.
Explaining the decision to refer the encryption law to the INSLM, the joint chairs of the PJCIS, Andrew Hastie and Anthony Byrne, have shown a level of maturity and responsibility that has been sorely lacking in this debate to date.
“The Assistance and Access Act seeks to respond to highly technical challenges encountered by Australian intelligence and law enforcement agencies, and the Act has attracted significant domestic and international attention,” they explained in a statement announcing the decision.
“In our view, the INSLM provides a valuable, independent perspective on the balance between necessary security measures and the protection of civil liberties,” they continued. ‘As such, the INSLM is an important and valued component of Australia’s national security architecture.”
The decision was not a huge surprise. In their previous review of the draft legislation, the PJCIS had recommended that the bill should include a statutory review of how it was operating in practice within 18 months of coming into force.
The government has come under growing pressure to make this review happen sooner with the opposition Labor Party joining calls from industry experts such as the Communications Alliance, the Australian Information Industry Association, and the Australian Industry Group.
Now the PJCIS has taken the decision out of their hands and opened up the possibility that the INSLM could soften the controversial new encryption law sooner rather than later.
The dangers of the current encryption laws
Australia’s current encryption laws have been hugely controversial for a long time. From the moment they were proposed, experts and the Australian public have railed against them, but from the very start, it was clear that politicians in Canberra just weren’t listening.
The Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 borrows a great deal from the UK’s Investigatory Powers Act, another overbearing piece of legislation which was condemned by almost everyone who properly understood it.
The new law requires tech companies to re-engineer their products to enable Australian authorities to carry out surveillance using cameras and microphones on peoples smartphones and computers.
It also requires companies to store the content of encrypted communications and to make that content available to law enforcement agencies if requested. This effectively forces tech companies to create backdoors into encrypted communications, rendering them insecure.
The question now is what effect these restrictions will have. Most domestic-based encrypted communications providers will likely feel obliged to comply with the new law. But this will not necessarily be the case for overseas firms.
The Australian market is a modest one in the global scheme of things and many tech companies may decide it is better for them to walk away rather than undermine their own product in order to comply with the law in just one country.
The consequence of that is likely to be more and more people using a VPN to access these products from overseas.
How to use a VPN to get around Australian encryption laws
By signing up for a VPN such as ExpressVPN or NordVPN, Australian internet users are able to circumvent their country’s overbearing encryption laws by simply connecting to a server located outside Australian jurisdiction.
By doing this, they will be able to access any secure communications services which have withdrawn from the Australian market and at the same time encrypt everything they do online to prevent Australian authorities from being able to spy on them.
Premium VPNs like these have managed to keep their service operating in countries like China and Russia where authorities have attempted to ban them completely. There is no way they are going to bow to any pressure from Australia to break their encryption.
It is to be hoped that Australia’s INSLM will be able to help the Australian government out of the tricky position they have created for themselves by helping them to soften this overbearing and intrusive law.
But even if he doesn’t, there is still an easy solution for the Australian people themselves; using a VPN.