
Australia pushes for spyware on phones - tonteldoos
https://www.brisbanetimes.com.au/business/companies/spyware-on-phone-fears-as-dutton-pushes-new-security-laws-20180924-p505oc.html
======
repsilat
Not only are criminals misusing technology to have conversations that the
Australian Government can't listen to, they're also taking clever physical
countermeasures like having conversations in person -- sometimes completely
out of earshot of their own devices!

If we as a society (quite reasonably) conclude that our government should have
access to criminals' communications, allowing _savvy_ criminals to make use of
"non-electronic backdoors" is obviously out of the question.

Anyone want to propose an enforcement mechanism? Maybe listening devices
implanted in everyone, or just everywhere in our homes?

~~~
chongli
It doesn't work that way. Governments are interested in preserving order. The
purpose of dragnet surveillance isn't to catch every single criminal and
create some kind of crime-free utopia, it's to create a chilling effect on
moderate dissent. It's a little nudge to remind everyone to stay in line.

It also has the added benefit of moving the Overton window towards
authoritarianism. This puts anyone who uses sophisticated encryption to hide
their communications squarely in the radical camp, making them easier to
marginalize.

~~~
forgotmysn
i think he was being sarcastic.

~~~
chii
but the reply brings up a really good point - the purpose of the legislation
is not what is stated (or implied) by the legislation.

Using this mechanism to achieve a chilling effect on activism has a huge
detrimental impact on democracy.

We must be careful whenever a politician attempts to trade liberty for
security - for fools who agree will soon have neither.

------
Gys
These kind of concerns, laws and regulation often remind me of a 1983 joke by
the Belgium comedian 'Urbanus':

Urbanus vertelt dat zijn buurman boer is en dat hij rond rijdt met zijn
tractor en een vieselijk geel poeder spuit op zijn akker. Kwaad interpelleert
hij hem. Urbanus: “Maar voor wat is dat nu allemaal weer nodig ?” Boerke: “Dat
is poeder tegen de olifanten.” Urbanus: “Maar hier zitten toch geen olifanten
in ’t Pajottenland ?” Boerke: “Goe poeier hé jongen!”

Translated:

Urbanus says that his neighbor is a farmer and that he drives around with his
tractor and sprays an awful yellow powder in his field. He interrogates him
badly. Urbanus: "But for what is all that necessary now?" Farmer: "That is
powder against the elephants." Urbanus: "But there are no elephants here in
the Pajottenland?" Farmer: "Yes boy, good powder!"

~~~
krustyburger
“Lisa, I want to buy your rock.”

------
throwawayuy
Most western democracies pride themselves on “having governments of laws, not
men”. Australia has a rather more transactional view of freedom and very
limited judicial review.

Just this weekend it was announced that people with welfare debts would be
blocked from flying overseas. That might be fair, but blocking people from
travelling seems to be at the whim of civil servants and politicians. There
wasn’t much of an uproar, since the ends justify the means, and no one likes
cheats, despite this amounting to extrajudicial punishment.

The minister proposing this encryption crackdown has used his vast
discretionary powers to do immigration favours for the politically connected,
with impunity, while ignoring arguably more deserving cases.

The land of roos, barbies and golden beaches has a rather well-developed
authoritarian streak behind its carefully constructed facade.

~~~
lysp
I know someone who works for housing.

Rent is generally calculated as 25% of a person's income - regardless of what
their income is. For someone on $550/fn New-Start, rent is calculated at
approx $68.75 per week.

There are often instances where families in public housing properties are
regularly taking overseas holidays despite having quite extreme unpaid rent
debts. Sometimes from low thousands to 10-15 thousand of unpaid rent/debt.

They simply stop paying rent. And to rack up that amount of debt when you're
paying so little in rent, it's often for quite some time that it remains
unpaid.

Often the only real option is to start eviction proceedings through the xCAT
tribunals, where the tribunal member will usually give families many multiples
of chances and time to pay.

When they finally realise they are finally going to actually be evicted, they
will often show up to the housing offices with the entire amount of unpaid
rent.

So I agree with this policy and think it will often work to recover debt.
There are quite a few people who play the system and I think this will help
combat that. But I only think it should be implemented for cases with high
amounts of debt and as long as some safeguards are added (exemption for
victims of family violence for example).

~~~
throwawayuy
It will likely be effective. That’s not the point I was making.

I’m pointing out that in most western democracies there would be legal
challenges and a massive outcry if such a ban was instituted (there were/are
no-fly lists in the US but those are ostensibly aimed at preventing terrorism,
they aren’t meant as administrative punishment for unrelated offences). The
few complaints I’ve seen about the policy are that tax cheats and
multinationals aren’t subject to the same ban, not anything from a civil
liberties perspective about the wrongness of such a policy _per se_.

On the flip side, it’s possible that locking them up would be politically
unpalatable, so this a better alternative..but again that would give the
concept of “rule of law” short shrift.

Australians are more accepting of government authority than people in other
western especially “Anglosphere” democracies.

------
lysp
This is a follow-on news story as people slowly try and digest the content of
the new bill.

One of the main issues with this is it's being tried to push through as
quickly and quietly as possible.

The original draft bill was open for public submissions for less than a month
(Aug 15 - Sept 10).

* [http://web.archive.org/web/20180814010356/https://www.homeaf...](http://web.archive.org/web/20180814010356/https://www.homeaffairs.gov.au/consultations/Documents/the-assistance-access-bill-2018.pdf)

The draft was 176 pages of legislation and quite complex in it's language so
required a lot of time to comprehend - which is quite difficult to do
effectively in a 3 week time period.

Quite a few large organisations put forward submissions (a couple of them are
linked here):

* [https://internet.org.au/news/209-submission-internet-austral...](https://internet.org.au/news/209-submission-internet-australia-s-submission-on-draft-assistance-and-access-bill)

Submissions included a few internet bodies, EFF and privacy organisations,
major ISPs and Telcos, the Law Council, Human Rights Commission, device makers
(Apple/Sumsung/Google) as well as others.

The bill was then submitted into parliament 10 days later.

There is no way possible that they have reviewed and considered all public
submissions in 10 days. The government also stated that they had "widely
consulted industry" to which the major IPSs denied.

It's basically a shambles.

What the cynic in me thinks is this is basically being made in collaboration
with the five-eyes countries (Australia, Canada, New Zealand, United Kingdom
and the United States).

As agencies in those 5 countries share information, the spyware/encryption
keys/backdoors gained will be openly shared amongst all.

I think they all believe Australia is the easiest place to try and get the
legislation through.

~~~
girvo
> I think they all believe Australia is the easiest place to try and get the
> legislation through.

And they're correct. Australia is used for all sorts of unsavoury things, from
spec-ops operations that other countries don't want to take the risk on, to
taking over PlayPen(?) and operating it for months -- we don't have strongly
enumerated rights, and our authoritarian past has never actually been dealt
with. The same people, or those they trained are still in power.

~~~
King-Aaron
Not to mention the general public is largely apathetic to practically anything
that affects them other than the Grand Final.

~~~
Arbalest
Now that you've said that, I am reminded that that is coming this weekend.
That especially makes the timing slimey.

------
elitistphoenix
This is the problem with non-technical lawyers making technical laws. It's
like when the Attorney General was pushing for metadata retention but couldn't
even explain what metadata was.

~~~
threeseed
This isn't how it works at all.

Technical laws are advised by people from technical backgrounds. And in the
case of laws like this it is coming directly from technical experts at
ASIO/ASIS.

Likewise it is irrelevant whether the Attorney General knows the technical
definition of metadata since he isn't personally writing the law.

~~~
cyberferret
No, I would counter argue that those in charge of bringing in laws should at
least understand the basic principles of what those laws contain.

Much as they shouldn't ban a chemical additive to our foods without first
understanding the nature and effects of that chemical (based on scientific
research and evidence), then they shouldn't enact laws around privacy and data
without understanding what that data itself contains. (He doesn't have to
_make_ the chemicals in a lab, he just needs to understand what it is/does).

The fact that the AG has no clear definition of what 'meta data' is, or cannot
explain that to a reporter or the public really shakes my confidence that his
limited understanding of 'meta data' includes elements that can personally
identify someone (e.g. Does he think a phone number is 'meta data' or straight
up 'personal data'? Because a phone number can be owned by more than one
person, or is transferrable, does he think that is 'meta'?).

The AG should at least be able to give a broad definition of the scope of the
laws that he is going to be responsible for upholding.

~~~
threeseed
What are you proposing is unworkable.

AG and Ministers set the strategic direction for the public sector. They
operate at a sufficiently high level such that they will never be the experts
and will never be across the subtleties of the policies. That's the job of the
public servants.

Also the distinction between data and metadata is quite subtle and as someone
who deals with this daily I make mistakes with it. So I don't expert the AG or
really anyone to have the right answer every time.

~~~
cam_l
I broadly agree with you in principle, but in this specific case i think the
issue of the law _is_ the subtlety of the definition. The thing that the AG
was studiously avoiding to answer was that both he and the people that drafted
the law understood that metadata _is_ data. He was trying to obfuscate the
fact that the government was massively shifting the imaginary line between
them.

------
neuromute
This morning I opened Hacker News and two threads sat next to one another.
This thread I'm commenting on now and another thread titled "Police forcing me
to install Jingwang spyware app, how to minimize impact?"
([https://news.ycombinator.com/item?id=18060543](https://news.ycombinator.com/item?id=18060543))

How poignant, and yet startling. Australia is seemingly following in the
footsteps of China, a country famed for their strict censorship laws,
oppressive and authoritarian nature and far-reaching surveillance powers.

~~~
jakecopp
I thought exactly this too as I read hacker news this morning and read through
the Sydney Morning Herald - absolutely terrifying!

------
turblety
Maybe we need this. Let's face it, within a day of this backdoor being
released it will be leaked/hacked/exploited in some way, which will cause a
national outcry that could go global. Maybe we need a test case to show the
rest of the world how badly these uneducated, ridiculous and reckless laws
will be.

------
artichokeheart
And that will be the end of trust in Australia. When communicating with an
Australian (or someone visiting there) you will have to assume that your
conversations are not secure and are being recorded unencrypted. Also if you
are in one of the 5 eyes nations your conversation will also be shared with
your own government.

------
retrogradeorbit
Dutton annoyed that Turnbull and cabinet "went dark" and he couldn't find out
(through his friends in law enforcement; remember hes an ex-detective) who was
talking to who during the leadership spill and thus lost his bid to be Prime
Minister?

------
oldandtired
The problem Australia has at all levels of governance is that those who we
elect to represent us, represent the party before they represent the
electorate. In addition to that, most of our elected representatives (House or
Representatives and the Senate) are lacking in that essential item called a
backbone. To find the truth of this, go talk to your representative at each
level and try to get them to make public statements about subjects that are
important to you.

As far as the major political parties are concerned, their obvious differences
are really minor and their hidden similarities are major. In the last few
years, we have had our federal politicians vote bipartisanly for various
legislation that was ostensibly aimed at preventing terrorism and yet, this
country already had extensive legislation that covered those particular
matters (all of it under criminal offences).

One idea that has been discussed at various time in private is for each piece
of legislation to be explained to each electorate and have a response return
to parliament. So, instead of each representative voting on party lines,
he/she would have to submit from their electorate the number of yes's, the
number of no's and the number of abstentions.

For any legislation to actually pass, the total number of yes votes from all
electorates would have to be more than the total of no votes added to the
total of abstentions. This would mean that for any legislation to be passed,
the representative would have to work very hard to convince his/her electorate
that they would need to vote yes for the proposal. The benefits of each
legislation would have to be carefully articulated before getting traction.

In addition, we could require that all legislation contain a sunset clause of
say five years, after which the legislation would be null and void. For any
extension, it would need to go back to the electorates again.

One benefit of such a scheme, is the slow-down of new legislation and another
would be that old legislation that no longer held the attention would fade
away.

I know, I know, this is a pipe dream and will never happen. But such a scheme
would have the benefit that political parties would in all likelihood
diminish.

------
Kim_Bruning
China is already doing this in Xinjiang for locals and apparantly also (some?)
tourists:

* [https://mashable.com/2017/07/21/china-spyware-xinjiang/?euro...](https://mashable.com/2017/07/21/china-spyware-xinjiang/?europe=true#bhfWvgzYzOqs)

* [https://www.reddit.com/r/security/comments/8ofiiw/chinese_bo...](https://www.reddit.com/r/security/comments/8ofiiw/chinese_border_police_installed_software_on_my/)

------
kardos
It seems like this is the followup plan to the more or less failed attempts to
defeat encryption directly by weakening it or by various key escrow schemes.
That it, it seems like the actions of a government worried that if they do not
step in and take power here, they risk leaving a power void that will get
filled by someone else, such as a large tech company or a foreign government.
Has insisting that crypto remain undefeatable fast-forwarded us to the rubber-
hose cryptanalysis stage?

------
ggm
Richard Alston come back: bad semi-sentient AI has overreached and we need
another simulacrum.

Would Stephen Conroy have walked into this mess? I rather suspect he would,
after all he wanted to have a giant rubber 'NEKKID WUMMAN' stamp to apply to
any URL he didn't like.

------
perilunar
Would Apple, Google, Facebook, et al. actually comply with this? Australia is
such a small market for them that they could conceivably just refuse and pull
their products. Apple in particular has a history of refusing to compromise on
encryption.

~~~
stephen_g
Australia might be a fairly small market, but it's a quite rich one (top 10
GDP per capita, top 20 in PPP terms). Companies like Apple do pretty well
here. So they _could_ just refuse to sell products here, but I don't think
they would just pull out completely...

------
__d
If my reading of the explanatory document was correct, the proposed
legislation goes beyond telecommunications providers.

Software developers, both within Australia and overseas, can be compelled
under threat of 10 years imprisonment, to build and/or insert into their
software any mechanism required by the government agencies to enable access to
communications.

So, the developers of any secure software would now be under threat of
extradition to Australia and jail time unless they compromise their own app.

Unfortunately, in the absence of massive pressure, Labor will do nothing but
add a few useless amendments, and pass it.

------
stephengillie
Rich counties, companies, and other groups track you based on connections and
data across thousands of servers and sites. Poor/lazy counties etc just force
an app on you.

------
headsoup
Someone should advise these officials that the concerns people have are with
doubts in law enforcement maintaining full integrity in appropriate use, and
that a criminal third party could use these backdoors to hack into peoples'
devices.

Then remind them that they should also be obliged to have these backdoors on
their own phones, and if they are concerned about doing so perhaps this is not
a thing to push on everyone else...

~~~
type0
> and that a criminal third party could use these backdoors to hack into
> peoples' devices

Yeah, but in this case politicians are worse than the criminals.

> and if they are concerned about doing so perhaps this is not a thing to push
> on everyone else...

They don't think of themselves to be like everyone else, so their intent is
that it stays that way.

------
jimjimjim
that guy was almost the prime minister of australia.

~~~
stephen_g
He also only holds his seat on a 1.6% margin, and was only one vote (his own)
away from being forced to resign in a vote of no confidence last week (for
misleading Parliment over the handling of some immigration cases where he
interveined to let in au pairs for friends/Liberal party donors who admitted
that they were going to illegally work on tourist visas)...

The next Federal election can't come soon enough...

~~~
flukus
> The next Federal election can't come soon enough...

Where they'll be replaced by the Labor party who also support this.

~~~
tonteldoos
But the PM is likely to be changed halfway through the term anyway (along with
his/her ministers), so this really doesn't make much of a difference either
way :-/

~~~
flukus
At least they've fixed that, replacing leader would be a month long affair and
be voted on by every member of the party.

------
nitemice
I believe this proposed law is the same one that was discussed previously:
[https://news.ycombinator.com/item?id=17756020](https://news.ycombinator.com/item?id=17756020)

