IBM has spoken out against Australia’s controversial ‘anti-encryption’ laws, claiming they undermine previous work to strengthen the country’s defences.
The vendor giant has urged the federal government to review the Telecommunications (Assistance and Access) Act 2018, which passed last year and effectively compels technology companies to build ‘backdoors’ into their encrypted data.
In a submission to the government’s 2020 cyber security strategy consultation, IBM said the laws “undermined” previous work by the government to create a “regulatory environment that promotes strong cyber security without constraining innovation or digital commerce.”
It added that without review, the law has “potentially damaging” consequences for cyber security in Australia.
“Strong and ubiquitous encryption is essential for now and into the future,” the vendor’s submission argued.
“It underpins data security, identity management and protection of devices against unauthorised access. It also plays a crucial role in defending critical infrastructure systems.
“Security experts around the world recognise that empowering law enforcement agencies to build technology to counter encryption will result in a weakening of the encryption technology in use.”
IBM also criticised the inclusion of ‘Technical Assistance Notices’ in the submission, which were added to provide a pathway for the government to demand the development of new surveillance capabilities.
These include allowing law enforcement to request a service provider builds “a new capability to assist agencies” or, at the highest level, receive a “technical capability notice” that would compel them “to build a new capability that will enable them to give assistance” to the requester.
Although this power can only be exercised by the Attorney-General, IBM urged for “clarification” of the provisions, especially as encryption becomes more widely used to protect data generated by 5G and the internet of things (IoT).
“Security experts around the world have recognised that empowering law enforcement agencies to build technology to counter encryption will result in the weakening of the encryption technology in use.”
As reported by ARN in September, Amazon, Facebook, Google, Oath and Twitter members have previously raised concerns over the Assistance and Access Bill exposure draft published on 14 August, urging the government to review the bill.
Cisco, meanwhile, has also raised "grave concerns" over the Assistance and Access Bill stating it is essential to "avoid the false dilemma of trade-offs" between privacy and security.
