{"id":23687,"date":"2018-12-12T13:13:56","date_gmt":"2018-12-12T18:13:56","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=23687"},"modified":"2019-02-28T15:41:18","modified_gmt":"2019-02-28T20:41:18","slug":"australian-assistance-and-access-act","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2018\/12\/12\/australian-assistance-and-access-act\/","title":{"rendered":"Australian Assistance and Access Act"},"content":{"rendered":"<p><a href=\"https:\/\/www.eff.org\/deeplinks\/2018\/12\/new-fight-online-privacy-and-security-australia-falls-what-happens-next\">Danny O&rsquo;Brien<\/a>:<\/p>\n<blockquote cite=\"https:\/\/www.eff.org\/deeplinks\/2018\/12\/new-fight-online-privacy-and-security-australia-falls-what-happens-next\">\n<p>With indecent speed, and after the barest nod to debate, the Australian Parliament has now passed the Assistance and Access Act, unopposed and unamended. The bill is a cousin to the United Kingdom&rsquo;s <a href=\"https:\/\/www.eff.org\/issues\/uk-investigatory-powers-bill\">Investigatory Powers Act<\/a>, passed in 2016. The two laws vary in their details, but both now deliver a panoptic new power to their nation&rsquo;s governments. Both countries now <a href=\"https:\/\/www.eff.org\/deeplinks\/2016\/02\/investigatory-powers-bill-and-apple\">claim the right<\/a> to secretly compel tech companies and individual technologists, including network administrators, sysadmins, and open source developers &#x2013; to re-engineer software and hardware under their control, so that it can be used to spy on their users. Engineers can be penalized for refusing to comply with fines and prison; in Australia, even counseling a technologist to oppose these orders is a crime.<\/p>\n<p>[&#8230;]<\/p>\n<p>Levy explained that GCHQ wants secure messaging services, like WhatsApp, Signal, Wire, and iMessage, to create deceitful user interfaces that hide who private messages are being sent to.<\/p>\n<p>In the case of Apple&rsquo;s iMessage, Apple would be compelled to silently add new devices to the list apps think you own: when someone sends you a message, it will no longer just go to, say, your iPhone, your iPad, and your MacBook &#x2013; it will go to those devices, <em>and<\/em> a new addition, a spying device owned by the government.<\/p>\n<\/blockquote>\n\n<p>Via <a href=\"https:\/\/blog.1password.com\/does-australias-access-and-assistance-law-impact-1password\/\">Jeffrey Goldberg<\/a>:<\/p>\n<blockquote cite=\"https:\/\/blog.1password.com\/does-australias-access-and-assistance-law-impact-1password\/\">\n<p>One of the most disturbing things about the Assistance and Access Act is that it apparently authorizes the Australian government to compel someone subject to its laws to surreptitiously take actions that harm our customers&rsquo; privacy and security without revealing that to us. Would an Australian employee of 1Password be forced to lie to us and do something that we would definitely object to?<\/p>\n<p>We do not, at this point, know whether it will be necessary or useful to place extra monitoring on people working for 1Password who may be subject to Australian laws. Our existing security and privacy design and internal controls may well be sufficient without adding additional controls on our people in Australia. Nor do we yet know to what extent we should consider Australian nationality in hiring decisions. It may be a long time before any such internal policies and practices go into place, if they ever do, but these are discussions we have been forced to have.<\/p>\n<\/blockquote>\n\n<p id=\"australian-assistance-and-access-act-update-2019-02-28\">Update (2019-02-28): <a href=\"https:\/\/underpassapp.com\/news\/Australia.html\">Jeff Johnson<\/a>:<\/p>\n<blockquote cite=\"https:\/\/underpassapp.com\/news\/Australia.html\">\n<p>With Underpass, all of the app&rsquo;s code is on your device. Your device is the chat server. Thus, nobody can secretly install a back door. Most chat services would be faced with the dilemma of installing a back door on their servers or shutting down service entirely in Australia. Since Underpass is peer-to-peer, it would not face this dilemma. The version of Underpass that you&rsquo;ve already installed can&rsquo;t ever be shut down, not by a government, not even by me. I intentionally designed it so that I can&rsquo;t shut it down. Control over the app is entirely in the hands of the customers.<\/p>\n<\/blockquote>\n\n<p><a href=\"https:\/\/www.schneier.com\/blog\/archives\/2018\/12\/new_australian_.html\">Bruce Schneier<\/a>:<\/p>\n<blockquote cite=\"https:\/\/www.schneier.com\/blog\/archives\/2018\/12\/new_australian_.html\"><p>Last week, <a href=\"https:\/\/arstechnica.com\/tech-policy\/2018\/12\/australia-passes-new-law-to-thwart-strong-encryption\/\">Australia<\/a> <a href=\"https:\/\/www.extremetech.com\/internet\/281991-australia-becomes-first-western-nation-to-ban-secure-encryption\">passed<\/a> <a href=\"https:\/\/www.zdnet.com\/article\/whats-actually-in-australias-encryption-laws-everything-you-need-to-know\/\">a<\/a> <a href=\"https:\/\/www.wired.co.uk\/article\/wired-awake-071218\">law<\/a> <a href=\"https:\/\/www.bbc.com\/news\/world-australia-46463029\">giving<\/a> the <a href=\"https:\/\/mobile.abc.net.au\/news\/2018-12-06\/labor-backdown-federal-government-to-pass-greater-surveillance\/10591944\">government<\/a> the ability to demand backdoors in computers and communications systems. Details are still <a href=\"https:\/\/www.zdnet.com\/article\/australias-encryption-laws-will-fall-foul-from-differing-definitions\/\">to be defined<\/a>, <a href=\"https:\/\/twitter.com\/alfiedotwtf\/status\/1070047303275175936\">but<\/a> <a href=\"https:\/\/www.eff.org\/deeplinks\/2018\/12\/new-fight-online-privacy-and-security-australia-falls-what-happens-next\">it&rsquo;s<\/a> <a href=\"https:\/\/www.wired.com\/story\/australia-encryption-law-global-impact\/\">really<\/a> <a href=\"https:\/\/boingboing.net\/2018\/12\/06\/pm-drongo.html\">bad<\/a>.<\/p><p>Note: Many people e-mailed me to ask why I haven&rsquo;t blogged this yet. One, I was busy with other things. And two, there&rsquo;s nothing I can say that I haven&rsquo;t <a href=\"https:\/\/www.schneier.com\/academic\/paperfiles\/paper-keys-under-doormats-CSAIL.pdf\">said<\/a> many times before.<\/p><\/blockquote>\n\n<p>Previously: <a href=\"https:\/\/mjtsai.com\/blog\/2016\/02\/17\/fbi-asks-apple-for-secure-golden-key\/\">FBI Asks Apple for Secure Golden Key<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"<p>Danny O&rsquo;Brien: With indecent speed, and after the barest nod to debate, the Australian Parliament has now passed the Assistance and Access Act, unopposed and unamended. The bill is a cousin to the United Kingdom&rsquo;s Investigatory Powers Act, passed in 2016. The two laws vary in their details, but both now deliver a panoptic new [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"2018-12-12T18:13:59Z","apple_news_api_id":"14763ba4-cd3c-4106-ad31-1c1dc9e78497","apple_news_api_modified_at":"2019-02-28T20:41:24Z","apple_news_api_revision":"AAAAAAAAAAAAAAAAAAAAAA==","apple_news_api_share_url":"https:\/\/apple.news\/AFHY7pM08QQatMRwdyeeElw","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[],"tags":[284,937,140,31,209,30,48,1464,96],"class_list":["post-23687","post","type-post","status-publish","format-standard","hentry","tag-1password","tag-hiring","tag-imessage","tag-ios","tag-legal","tag-mac","tag-security","tag-underpass","tag-web"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/23687","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=23687"}],"version-history":[{"count":2,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/23687\/revisions"}],"predecessor-version":[{"id":24457,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/23687\/revisions\/24457"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=23687"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=23687"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=23687"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}