New Australian Anti-Encryption Laws (Assistance and Access Bill)


#1

I would first like to apologise for the foolish and damaging actions of my government - the Australian government - who has recently passed a new law, the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018

For those who aren’t aware, this law will allow authorities to compel a company or individual to hand over secure information and if this is not possible, make it so that it is (such as by modifying software, etc) - and then not tell anyone, including their boss and obviously not their customers.

Cloudflare is in a unique situation where a huge amount of third-party information traverses its networks and is stored, even if only temporarily, on its systems. Put simply, Cloudflare is in a unique position to decrypt, collect, or otherwise subvert the security on a vast amount of information.

My questions are:

  • How does this new law affect Cloudflare (who serve Australian content, and have networks, servers and customers in Australia)?
  • How can I trust that information held by Cloudflare or traversing the Cloudflare network, and Cloudflare’s systems, are secure, when a law now exists that appears able to compel Cloudflare, or an individual with access to Cloudflare’s systems, to make such information insecure or alter Cloudflare’s systems in such a way as to subvert their security, while also making it illegal for that individual or Cloudflare to advise anyone of this?

Thank you.


#2

Great question and one we discussed at work today, We work with several businesses using various international services in & outside of AU and all asking the same thing.
With corporate espionage at an all time high, (grab your tinfoil helmets :rescue_worker_helmet:) a concern I have, if the new law is to grant law enforcement agencies keys to the hen house, what’s stopping one of those individuals from selling it for personal gain or the likely case of a security breach? You may remove your helmets now… :slight_smile: Also, I really hope things change before this negatively impacts legitimate AU businesses.


#3

This topic was automatically closed after 14 days. New replies are no longer allowed.