Aussie police usage of new anti-encryption laws is on the rise

Encrypted blocks of multicolored data cubes rolling out.
Matejmo / Getty Images

Australian law enforcement didn't widely use new powers under the late-2018 Assistance and Access Act  in the first half of 2019, but usage more than doubled in the second half of 2019.  

The first Telecommunications (Interception and Access) Act annual report from Home Affairs to contain details of the AA Act’s usage shows that law enforcement had used the new encryption-busting laws seven times. 

The passing of the AA Act in December 2018 was preceded by heated debate among the tech community, which overwhelmingly opposed the law and accused the federal government of rushing it through with the help of a weak Labor opposition party. 

The law applies to a wide range of tech players, from messaging apps to ISPs, and software developers working on certain projects. Many in the local tech industry argued it tarnished Australia’s reputation.  

Law enforcement have three request categories, including a Technical Assistance Report (TAR), where industry is asked for voluntary assistance; as well as Technical Assistance Notices (TAN) and Technical Capability Notices (TCN), both of which oblige providers to assist law enforcement. 

The Australian Federal Police made five TARs between 9 December 2019 and 18 June 2019, while NSW Police made two TARs in that period. There were no recorded instances agencies issuing TARs or TCNs.

There were 16 offenses in total where TARs were used, including six cybercrime offenses, five telecommunications offenses, two organized crime offences, and one theft offence. 

The number of offenses TARs were used outnumbered the number of requests since a single TAR can be used to investigate multiple offences. 

However, Home Affairs’ annual TIA report understates the current number of TARs issued and its apparently upward trend. 

As InnovationAus reported today, Home Affairs revealed in a recent answer to questions on notice in Senate Estimates that, as of November 2019, in fact 25 TARs had been issued by three unnamed agencies. 

That detail suggests the seven TARs issued in the first half of 2019 have more than doubled in the second half of 2019.   


Copyright © 2020 IDG Communications, Inc.

The 10 most powerful cybersecurity companies