AlphaAtlas
[H]ard|Gawd
- Joined
- Mar 3, 2018
- Messages
- 1,713
New Atlas reports that the Australian government recently passed the world's first anti-encryption bill. The Assistance and Access Bill 2018 can allegedly "compel a private company to create new interception capabilities so no communications data is completely inaccessible to the government." While the lawmakers claim they aren't requiring the creation of software "backdoors," security experts point out that there may be no other way to comply with the law, as end to end encryption is "fundamentally unassailable." Apple pointed out this ambiguity in October, and now several Australian companies seem to be very unhappy with the bill.
Ted Hardie, chair of the Internet Architecture Board, suggested the legislation may even break laws in other countries if the Australian government tries to force companies to hand over sensitive data. The massive GDPR law rolled out across Europe earlier this year is a prime example raised by Hardie. "We are concerned that the proposed legislation may cause these service providers to violate contracts or laws in other jurisdictions, depending upon the exact nature of the requests made," Hardie writes. "For example, companies with European presence are required to handle sensitive data according to the GDPR, and by complying with an Australian order for data that might be located in Europe, that provider could be required to violate the GDPR to satisfy Australian law."
Ted Hardie, chair of the Internet Architecture Board, suggested the legislation may even break laws in other countries if the Australian government tries to force companies to hand over sensitive data. The massive GDPR law rolled out across Europe earlier this year is a prime example raised by Hardie. "We are concerned that the proposed legislation may cause these service providers to violate contracts or laws in other jurisdictions, depending upon the exact nature of the requests made," Hardie writes. "For example, companies with European presence are required to handle sensitive data according to the GDPR, and by complying with an Australian order for data that might be located in Europe, that provider could be required to violate the GDPR to satisfy Australian law."