You know, I've often wondered about these large companies - what would stop them from presenting a page that said "Your access to our services has been restricted because of laws in your jurisdiction. If you have any questions, please call <local member> on <phone number> to discuss the issue"?
On Thu, 16 Aug 2018 at 14:48, Paul Wilkins <paulwilkins...@gmail.com> wrote: > Couple of points for discussion: > > 1 - The overseas jurisdiction is to be met by whether you conduct business > within Australia. So that already covers the big corporates, social media > etc. If you want to continue to conduct business in Australia, you're going > to have to comply with Australian law or have your company delisted/brands > invalidated/accounts frozen. So it will be immaterial the jurisdiction of > where the service is hosted. > > 2 - The reporting oversite proposed is meaningless. Just reporting the > number of notices within a period means nothing. There ought to be > additional data as to the type of actions sought, classifications of data > extracted (personal data, geolocation, financial, "metadata"...), and the > classification of offence the notice was to address (national security, > child abuse material, family law etc). As currently drafted the AG would > have the power to issue assistance notices/capability requests, while > simultaneously criminalising disclosure of both the terms and existence of > the notices. Journalists take note. > > Kind regards > > Paul Wilkins > > > On Thu, 16 Aug 2018 at 13:20, Robert Hudson <hud...@gmail.com> wrote: > >> Hi Paul, >> >> We have already published our stance on this previously in press releases >> and our regular newsletter, and will be sending a formal response to the >> govt's invitation to do so. >> >> That response is currently being formulated to ensure we cover all >> pertinent points, thus far (until we complete our reading of the mattter) >> being: >> >> * The proposed laws are WAY too vague to start with, and contradictory at >> times in what is and isn't allowed, who and who is not allowed to access >> the data, etc >> * There is a strong history already of misuse of power by government >> agencies/privileged individuals. >> * This is over-reach by government with significant potential impact to >> law-abiding citizens >> * There is no way to breach end-to-end asymmetric key encryption in the >> way they're talking without creating back-doors, compromising the >> encryption process or creating secondary back-channels >> * The idea that the Australian government can enforce the law with >> parties based overseas where they are outside of the jurisdiction of our >> government or its treaty partners is laughable >> * There is insufficient protection of process - the A-G gets to make the >> requests/notices, and the A-G gets to decide at the same time what's >> reasonable and what's not >> * The criminals this is aimed at will simply move to using tools outside >> of the government's reach if they're even remotely competent (if they're >> not, surely this level of law is not required to catch them), meaning that >> the only people this will really impact will, again, be law-abiding citizens >> * The likely next step when people start using tools outside of the >> government's control will be to mandate that only govt-controlled apps are >> used - meaning loss of functionality for law-abiding citizens, or >> unintentional criminal acts when they download and use something they don't >> realise is sanctioned. >> >> There's probably (almost certainly) more. I've got a full-time job >> outside of doing this, as do the rest of the ITPA board. If (or anyone >> else reading this) has strong feelings/expertise in this area, we'd gladly >> look to work with you on our response. Or hell, join and volunteer to help >> us with this - we represent ~18,000 associate members at this stage, and >> the bigger we get, the more our voice will resonate. >> >> Regards, >> >> Robert >> >> On Thu, 16 Aug. 2018, 12:59 pm Paul Julian, <p...@buildingconnect.com.au> >> wrote: >> >>> Hi Robert, >>> >>> >>> >>> I think it’s a perfectly valid point, so just out of interest what is >>> ITPA’s plan to respond to this current situation ? >>> >>> >>> >>> Regards >>> >>> Paul >>> >>> >>> >>> *From:* Robert Hudson <hud...@gmail.com> >>> *Sent:* Thursday, 16 August 2018 12:34 PM >>> *To:* p...@buildingconnect.com.au >>> *Cc:* Paul Wilkins <paulwilkins...@gmail.com>; ausnog@lists.ausnog.net >>> *Subject:* Re: [AusNOG] Dutton decryption bill >>> >>> >>> >>> On Thu, 16 Aug 2018 at 11:10, Paul Julian <p...@buildingconnect.com.au> >>> wrote: >>> >>> Hi Paul, >>> >>> >>> >>> Where do you even start ? >>> >>> I would love to be able to comment on these things properly but how do >>> you structure a response that isn’t just a whinge and saying that it’s not >>> fair and blah blah, it would need to offer alternatives or suggestions on >>> how else this could be accomplished or why it shouldn’t be in the first >>> place. >>> >>> >>> >>> Apologies if this isn't considered appropriate on this list, but I think >>> the point of joining representative organisations is important, especially >>> on this topic. >>> >>> >>> >>> Join a group like ITPA (it doesn't have to be ITPA, so this isn't >>> "strictly" an ad - more a drive to get people participating in industry >>> associations. The more members we have, the stronger our voice. We have >>> commented strongly on this issue, and will continue to do so on this and >>> other issues of importance to IT Professionals. >>> >>> >>> >>> ITPA Associate membership is free. Paid membership is less than the >>> cost of a cup of coffee a week. >>> >>> >>> >>> If not us, choose another representative organisation, and make sure >>> your voice is heard. >>> >>> >>> >>> If you (and others) don't, then things like Metadata Retention, breaking >>> encryption, and goodness knows what they have up their sleeves next will >>> continue to go through. >>> >>> >>> >>> Regards, >>> >>> >>> Robert >>> >>> >>> >>> >>> >>> _______________________________________________ >> AusNOG mailing list >> AusNOG@lists.ausnog.net >> http://lists.ausnog.net/mailman/listinfo/ausnog >> > _______________________________________________ > AusNOG mailing list > AusNOG@lists.ausnog.net > http://lists.ausnog.net/mailman/listinfo/ausnog >
_______________________________________________ AusNOG mailing list AusNOG@lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog