Tech firm gives back door warning
Cisco has contradicted Peter Dutton’s claims that the government’s decryption bill will not result in “back doors” in their products.
The parliamentary joint committee on intelligence and security is going over the Coalition’s telecommunications (assistance and access) bill.
It has heard concerns from tech giants and human rights groups that the changes would result in weaknesses in digital privacy technologies, potentially leaving users at risk.
The bill would give Australia’s attorney general the power to issue a “technical capability notice” that requires a communications provider to build in new capabilities to assist ASIO and interception agencies.
Home affairs witnesses conceded the bill may allow law enforcement agencies to require a company embed a listening device in a speaker, deploy a tool to unlock devices, or to add an additional end point to services.
Home affairs minister Peter Dutton has previously argued that “there will be no weakening of encryption”, and the bill does not permit creation of back doors.
At one point in the hearings, secretary of the home affairs department Michael Pezzullo, was asked about the definition of “systemic” weakness, and said it would cover issues “pertaining to the whole system”.
Gary Smith, the head of regulatory compliance at Optus, said the definition of “systemic” weakness would be “difficult to grapple with in practice”.
Eric Wenger, the global director of cybersecurity at Cisco, said that if the company was mandated to build “any capability” to access communications, “that would contradict our policy that we don’t have back doors in our products”.
The Communications Alliance’s director of program management, Christiane Gillespie-Jones, said Australia is asking companies to implant the kinds of access that led the nation to ban Chinese firm Huawei from building the 5G network.
“I think it needs to be very clearly stated this law is doing exactly the same to our own Australian entities when they are exporting and when foreign governments and foreign entities are considering whether to use any of their products and services because they are subject to the same concerns,” she said.
She warned that it may harm $3.2 billion in Australian IT exports.