The combined stupidity and cowardice of the Coalition and Labor now means that any IT product — hardware or software — made in Australia will be automatically too risky to use for anyone concerned about cybersecurity. The government’s encryption backdoor bill, which Labor found a new way to roll over on last night in the Senate, now guarantees Australian-made products will be regarded as potentially having been corrupted by the Australian government and its unsupervised security agencies. One industry figure correctly compared Australia’s industry to Huawei, which is now indelibly associated, despite its furious protests, with the idea of government-inserted backdoors.
Our tech sector is small by US and European standards — it produced exports of $3.2 billion in 2016-17 and, according to an OECD report, “Australia ranks seventh out of 13 countries, with our ICT sector representing around 4.5% of total industry value add in 2015.” The encryption backdoor bill guarantees it will stay that way — every Australian-manufactured IT product must henceforth be regarded with suspicion that any features using encryption will be hopelessly compromised, with a backdoor back to Australian intelligence agencies.
While in effect signalling that no one serious about cybersecurity can trust Australian-made products, the impact on the dominant foreign tech players remains to be seen. In effect the bill purports to give the government the power to order the likes of Apple and Facebook to undermine the security of their own products. But for the world’s biggest IT companies, the damage from users worldwide knowing that they are willing to undermine their product’s security at the request of a global nonentity like Australia will be profound — would you trust an Apple product knowing it had yielded to some Australian copper’s demand that it help plant some malware on a target’s iPhone? Maybe you trust Australian police. But if Australia can demand the undermining of encryption, we can surely have no objection when China, or Russia, or Saudi Arabia, or Venezuela, do exactly the same? The world’s biggest tech companies have a strong incentive to resist, they have very deep pockets and are used to using all the legal resources at their considerable disposal to ward off threats to their profits. The response from companies like Apple and Facebook may well be “see you in court”.
Local tech companies don’t have that option, and don’t have the resources for it anyway. They’ll have to submit to having their business models ruined by idiot politicians. This is, hilariously, the very sector over which the political class was fawning in 2015, when it was all about start-ups, agility and innovation. There was even a “Cyber Security Growth Centre” set up by the Turnbull government to foster local cybersecurity startups, although its online presence has now vanished. Even so, it is only a few months since Michaelia Cash was flogging it was a way to help develop local IT companies. Good luck there — buying an Australian cybersecurity product will now be like buying your firewall software from China.
Next time you see Karen Andrews, the Industry Minister, or Labor’s industry shadow Kim Carr, or digital economy spokesman Ed Husic, or other Labor MPs like Tim Watts who like to appear au fait with IT and digital issues, talking about the Australian tech industry, remember that they’re the ones who have helped turn “Made In Australia” into a warning to avoid our products like the plague.
2nd day in a row you’re onto this encryption hoo-ha. This one even sillier than yesterdays claim that encryption was a “right”….meanwhile the coalition have just stacked the fairwork commission with even more reps from the employer groups…from you, not a peep.
I’m beginning to think you’ve got some personal stuff stored digitally…..I shudder to think frankly.
FYI encryption is a right, as is privacy, clothing, or blinds. Unfortunately Australia gives us very few rights – no mutual obligation there!
Whilst generally in furious agreement with Keane on this subject, the Huawei as ‘ultimate evil’ for use a a base line comparison is becoming very, very tiresome (and Keane is far from alone is OZ media in proving Edward Said’s central thesis of “Orientalism” dead right).
I find it best to do a little homework, before I join the general pile on.
You may like to try the NYT’s, from 4 years ago, and some of ‘What Snowden Saw’.
https://www.nytimes.com/2014/03/23/world/asia/nsa-breached-chinese-servers-seen-as-spy-peril.html?module=inline
“But even as the United States made a public case about the dangers of buying from Huawei, classified documents show that the National Security Agency was creating its own back doors — directly into Huawei’s networks.
The agency pried its way into the servers in Huawei’s sealed headquarters in Shenzhen, China’s industrial heart, according to N.S.A. documents provided by the former contractor Edward J. Snowden. It obtained information about the workings of the giant routers and complex digital switches that Huawei boasts connect a third of the world’s population, and monitored communications of the company’s top executives.
One of the goals of the operation, code-named “Shotgiant,” was to find any links between Huawei and the People’s Liberation Army, one 2010 document made clear. But the plans went further: to exploit Huawei’s technology so that when the company sold equipment to other countries — including both allies and nations that avoid buying American products — the N.S.A. could roam through their computer and telephone networks to conduct surveillance and, if ordered by the president, offensive cyberoperations……..
“If we can determine the company’s plans and intentions,” an analyst wrote, “we hope that this will lead us back to the plans and intentions of the PRC,” referring to the People’s Republic of China. The N.S.A. saw an additional opportunity: As Huawei invested in new technology and laid undersea cables to connect its $40 billion-a-year networking empire, the agency was interested in tunneling into key Chinese customers, including “high priority targets — Iran, Afghanistan, Pakistan, Kenya, Cuba.”……………
You want credibility, do some homework.
This is exactly the issue. Install a backdoor and you have no idea who will be coming through it.
“Made and Modified in Australia”.
Or “A little bit of Australia to follow you Everywhere”.
If I were a risk averse buyer of services from outside Australia I’d be careful about sending any sensitive work here, IT or otherwise – you won’t be able to have any confidence in the security of communication, and while you may accept the risk of your own government spying on you, foreigners are an entirely different kettle of fish.
Particulaly foreigners with a track record of using their intelligence agencies for commercial purposes…
“Lower a new shovel. We’ve worn this one out.”