More than virtually any other politician, when Anthony Byrne speaks on national security, it pays to listen. The former chair, now deputy chair, of Parliament’s Joint Committee on Intelligence and Security is plugged into not merely Australian security institutions — with whom he has an occasionally fractious relationship — but key US and UK ones as well.
It was Byrne who, in 2014, warned that the issue of data retention should be debated sooner rather than later, lest the opportunity for rational debate be swept aside in the wake of a terror incident. He couldn’t have known how right he would turn out to be — the attack on police officers by ISIS-sympathiser Numan Haider in September that year occurred in his own electorate; the government announced its data retention proposal a month later. Before the bill would be debated and passed, Man Haron Monis would conduct his siege, and counterterrorist raids on would-be jihadis would sweep Sydney.
Now Byrne has made a similar call, and what he said last night in Parliament should worry local digital activists and tech companies. Speaking in Federation Chamber yesterday, Byrne said:
“I was in the United States after the San Bernardino massacre. I was there, in my capacity as deputy chair of the intelligence and security committee, to meet intelligence agencies — the CIA, the FBI — and also the US Department of State and other people. The great issue of concern being raised by those agencies was that Apple would not unlock for the FBI the iPhone that was used by the perpetrators of that terrorist act, the two individuals … the question is: when do private companies dictate how we run national security, whether in this country, in the United States of America or in the United Kingdom, because they are similarly minded jurisdictions?”
However, Byrne isn’t proposing “further sweeping national security reforms that compel companies to do things that they might not want to do”.
“I think this is one of the issues that governments — come what may and in some, way shape or form — are going to have to confront: where do we draw a limit on the role of the state? … in a functioning Western democracy, where does the state intersect with the role of imposing, perhaps, legislation on a corporation that compels it to provide information that might be essential for the safeguarding of national security?”
Byrne wants to avoid the situation where — as the FBI did — governments turn to third parties to defeat encryption. “That does not mean, necessarily, building backdoors,” he said. “But it does mean that, when we really do need to access the technologies, the data streams and the devices, we can do that in order to keep our community safe.”
[Encryption wars heat up as governments fight for less security]
Security agencies are already looking at this issue — the Prime Minister asked them to back at the end of 2015 after San Bernardino and the stand-off with Apple. But there are no easy answers for governments. Creating backdoors simply means criminals, terrorists and enemy states like Russia will get access to them — that’s exactly what has happened to both CIA and NSA backdoors and hacking tools that were stolen from those agencies and released into the digital wild (in fact, Byrne says the Americans assured him when he was last there that there’d be no more major intelligence leaks — only for both the CIA and NSA hacking tools leaks to subsequently emerge). And terrorist groups like al-Qaeda have developed their own bespoke encryption software rather than rely on platforms developed by Western companies anyway. Backdoors and anti-encryption tools simply make us all less safe.
But Byrne went on to make a more important point, on the most important structural issue in Australia national security policy currently. Byrne, along with Labor’s John Faulkner before he left politics, has been a tireless advocate of an expansion of the remit of the intelligence and security committee to more closely resemble the intelligence committees that oversee the UK and US agencies. Despite a gradual increase in the committee’s remit under the leadership of then-chair Dan Tehan and Byrne under the Abbott government, it remains one of the most absurdly hamstrung committees in Parliament — it can’t even initiate its own inquiries, but must wait for the government of the day to ask it to conduct a review.
But without better oversight of security agencies, Byrne says, the public won’t trust the government when (as is inevitable) it expands the powers of those agencies. “If we do not increase the oversight, we will not have the support of the public,” he said bluntly.
[Can the FBI hack your iPhone?]
Malcolm Turnbull launched an inquiry — by handpicked outsiders — into our intelligence agencies back in November, which is supposed to address the oversight issue. But no inquiry is needed to recognise that a parliamentary committee, which is effectively at the beck and call of the executive, logically cannot provide proper oversight of agencies — or be seen to do so. Nor does it require a major review to know that agencies and security bureaucrats hate the idea of a more powerful committee — especially the Attorney-General’s Department, whom Byrne has serially monstered in recent years for its repeated failings and disrespect.
Unfortunately, Byrne is playing a lone hand on this. The opposition, which is anxious not to allow any daylight between itself and the Coalition on national security, is notionally committed to a bill left by Faulkner that would overhaul the role and powers of the committee, but hasn’t pressed the issue. But it remains a key weakness in Australia’s national security — our agencies need much greater scrutiny than they’re getting. Perhaps it’s time for the Greens should reintroduce Faulkner’s bill in the Senate …
There are a number of reasons why the government (and not just in Australia) does not want a committee with strong powers to provide oversight of its intelligence agencies and one of the most important is that those agencies do not stand up well to close and impartial scrutiny. We have only to look at the findings of the Church Committee in the US and subsequent history to see an example of this.
It is well documented (although Crikey refuses to recognise the fact) that the intelligence agencies are themselves the perpetrators of terrorist acts, either directly or through their proxies. Any analysis that fails to recognise this fact seriously undermines its argument. For the inevitable sceptics, read Brzezinski’s book The Grand Chessboard, or simply google Operation Cyclone.
The other point that undermines an argument is the mindless repetition of phrases such as “enemy states like Russia”. For a more balanced view listen for example to the weekly podcasts of Stephen Cohen who has the great virtue of knowing what he is talking about.
James O’neill – “It is well documented (although Crikey refuses to recognise the fact) that the intelligence agencies are themselves the perpetrators of terrorist acts,”
Spot on, James. It’s so frustrating as an overview to the current world situation that people refuse to see this. If intelligence agencies were shut down tomorrow and their operations ceased, peace would reign upon the earth. Intelligence agencies never represent their host nations but seek to fulfill a hidden-hand international agenda by raising local conflicts to eradicate national sovereignty and existing power bases. Think Libya, think Syria, think Yemen, think Egypt, think anywhere in the world where there is conflict and there you find the signature false-flag. Journalists are either blind or purposely blinded.
The solution to access to citizen data is paradoxically greater privacy where the individual controls who sees what data about themselves. Technically it is relatively straight forward to build systems where data is held privately between parties who communicate and where both parties have to give permission for the data transmitted to be viewed by a third party. The so-called “dark web” operates this way and we can set up connections in the sunlit web to operate the same way. We don’t because the corporations of the world want to access data so they can profit from it. Almost overnight we could make the Internet resistant to hacking. We could become the only party who could see your own data. To access the data the law would need to provide a way for a security agency to “become us” and that act could be controlled by restrictions. In that case those who say they have nothing to hide can willingly give permission for an investigation agency to become them without the fear that others will see the data. It is not the police seeing our data that is the worry. It is the difficulty of preventing others seeing our data if the police are careless with it or their systems are hacked. The data retention approach is very inefficient, very costly, and not as effective as voluntary release of information when it is required for a valid purpose.
Really Bernard! “Enemy states like Russia”. And pray tell, just what has Russia done to deserve our enmity? Has it declared war upon us for example by overthrowing a neighbouring state and installing a fascist government there that then attacks parts of itself that wish to reunite with Australia? I don’t think so. Has Russia surrounded us with nuclear missiles that some idiots there think should be used against us? Once again, I don’t think so. So how in god’s name do you define Russia as being an enemy state to us? Or do you let others do your thinking for you?
Geez, a lot of push for The Greens in today’s Crikey edition. Even if Helen’s was a little back-handed, along the lines that the marvellous Richard should keep a tighter rein on his women. Crikey!
During the San Berdino case, Apple and the big tech companies stood their ground refusing to assist with the unlocking of an encrypted iPhone, stating that they did not want to intentionally introduce backdoors into their software. They have a point to some extent, but the reality is this stance was taken based on commercial interests. The real thing at stake here was cloud computing and the trust of their business customers.
In essence Apple turned their belligerence into marketing, which frankly stinks when you consider that people were murdered in the incident.
I do think we need encryption on all devices. I do not think encryption should have a backdoor or golden key which governments can use whenever they please. Nor do I think all encryption should be breakable. However I do think the legal ramifications of encryption around warrants around data need to be figured out.
The San Berdino incident was an opportunity missed for tech companies to do the right thing, and work closely with lawmakers to ensure there’s a clear way forward if this ever happens again. (E.G. Law Encourcement hands Apple the iPhone with a warranty. Apple takes it away to their secure lab, unlocks the device, hands it back. Job done.)