ANTI-ENCRYPTION LAW
ISSUES AND UPDATES
TELECOMMUNICATIONS AND OTHER LEGISLATION AMENDMENT (ASSISTANCE AND ACCESS) ACT 2018 (CTH)
This presentation gives general advice only. If you require specific legal
advice, please make contact.
© Eagle & Gate Pty Ltd, 2019, Queensland
NICOLE MURDOCH
BEng(Elec). J.D. (Hons 1) MIP FIPTA
• Principal EAGLEGATE Lawyers
• Director Australian Information Security Association (AISA)
• Registered Trade Marks Attorney
eaglegate.com.au
nmurdoch@eaglegate.com.au
+61 7 3862 2271
linkedin.com/in/nicolemurdoch/
KEY TAKEAWAYS
1. Overview of the Assistance and Access Act (AA Act)
2. Who it applies to
3. Types of assistance
4. Criticism
5. GDPR Issues
6. Comparisons to Patriot Act (USA)
Overview
Telecommunications and Other Legislation Amendment (Assistance and
Access) Act 2018 (Cth) – The AA Act
Meanwhile, in
Australia
THE ASSISTANCE AND ACCESS ACT
1. Compels entities involved in the telecommunication supply chain to provide
access to data, even if that data is encrypted
2. Very broad scope of “designated communication providers” (DCPs)
3. DCPs notified in 3 ways:
1. Technical Assistance Request (TAR); or
2. Technical Assistance Notice (TAN); or
3. Technical Capability Notice (TCN).
4. No guarantee you will know a DCP in your supply chain has received a TAR,
TAN or TCN
5. Offence provisions for disclosure
6. Some judicial review available through FCA, limited internal review
Who it applies to
DESIGNATED COMMUNICATION
PROVIDERS
• The AA Act applies to almost everyone involved in a
telecommunications supply chain with end-users in Australia
• Carriers – the owners of telecom network infrastructure in Australia;
• Examples: Optus, Telstra, Vodafone, TPG
• Carriage Service Providers – entities that sell telecom services
delivered over Carrier networks in Australia;
• Examples: iiNet, NBN Co, Verizon, Vocus Fibre, Uecomm, AAPT
• Network Facilitators – any entity that manufactures, supplies,
operates or maintains telecom network infrastructure, or components
used in that infrastructure, in Australia;
• Examples: technical experts, contractors, maintenance crews
• Customer Equipment Facilitators – any entity that manufactures or
supplies customer equipment for use, or that is likely to be used, in
Australia;
• Examples: manufacturers and retailers of mobiles, modems and computing
devices, circuit boards, subscriber identification modules (SIMs) or memory units
of a mobile device
• Websites and Messaging Applications – any entity that supplies “electronic
services” (any service that allows end-users to access material using a
Carriage Service) in Australia;
• Examples: Facebook, Instagram, WhatsApp, operators of websites and chat forums,
secure messaging applications, hosting services including cloud and web hosting,
peer-to-peer sharing platforms and email distribution lists
• Service & Software Developers – any entity that provides services or
software for use in connection with a Carriage Service or an “electronic
service”;
• Examples: software developers, suppliers, app developers
Types of Assistance
TAR & TAN
Under a TAR (voluntary) or TAN (mandatory), a DCP can be compelled to:
• decrypt communications:
  • But only where the DCP holds the encryption key already
• install, test, maintain or use agency software on an existing DCP network;
• modify the characteristics of a service or substitute a service provided by the DCP;
• facilitate access to a relevant facility, piece of equipment, device or service;
• provide a broad range of technical information:
  • Includes "source code, network or service design plans, and the details of third party providers contributing to the delivery of a communications service, the configuration settings of network equipment and encryption schemes"
• "conceal the fact that agencies have undertaken a covert operation";
• Notify any changes to, or developments of, the DCP’s service that may be relevant to a warrant:
  • Including notice of new or improved products, new outsourcing or offshoring arrangements
TCN
Under a TCN (mandatory), a DCP may be required to:
• build a capability to provide a type of assistance listed in the Act;
• do anything within the scope of a TAN
  • I.e. to avoid duplicative notices
LIMITATIONS
• A TAR, TAN or TCN must not have the effect of requesting or requiring the implementation or building of a “systemic vulnerability”
• BUT – “Systemic Vulnerability” s.317B
  “a vulnerability that affects a whole class of technology, but does not include a vulnerability that is selectively introduced to one or more target technologies that are connected with a particular person. For this purpose, it is immaterial whether the person can be identified”
• Backlash from many tech companies regarding the wording of these provisions
  • e.g. Apple and the FBI “backdoor” issues in USA
JUDICIAL OVERSIGHT?
• Unlike a warrant, no judicial oversight
• TAR – approved/issued by DG of Security, ASIO, Signals Directorate
• TAN – approved/issued by DG of Security or “the chief officer of an
interception agency of a State or Territory”
• TCN – approved/issued by Attorney-General only
• must be first approved by Minister for Communications + DCP must be consulted
PENALTIES
• DCP immune from civil liability when complying with a TAR, TAN or TCN
• DCP recommended to contract with requesting agency re costs
recovery
• Max. civil penalty for DCP = 47,619 penalty units (~$10mil)
• Unauthorised disclosure of information about a TAR, TAN or TCN,
or its existence = up to 5 yrs imprisonment
APPEALS?
• Decisions under Part 15 not subject to review through the ADJR Act,
nor are they “made by a judicial officer”
• However, judicial review through the original jurisdiction of the High
Court or Federal Court of Australia by operation of section 39B(1) of
the Judiciary Act 1903 (Cth) is available
• Limited Internal Review:
• If TCN requires you to build a new capability, you can request that the TCN is assessed to
determine whether it should have been given;
• Conducted by two assessors, including a technical expert and former judicial officer
• Can apply for JR of that decision also
Criticism
• Telstra – no civil immunity from system faults or service degradation
• Senetas – non-disclosure prevents public explanation
• Amazon – users expect products/service free from interference
• Australian Information Industry Association (membership –
Apple, Adobe, Cisco, Deloitte, Google, IBM et al) – clash with GDPR
and overseas jurisdictions
• Mozilla – TCNs can be used against any user
• FastMail – tech companies not qualified to evaluate due cause
• Apple – innovation founded on strong device security
• AFP ABC Raids - “In executing these search warrants, the AFP
used section 3F of the Crimes Act, which was amended by schedule
3 of the Assistance and Access Act.”
GDPR Issues
GDPR ISSUES
• To comply with TCN or TAN (“build a capability” vs “systemic vulnerability”), DCP
must effectively breach consumer protection standards in GDPR
• AA Act defence for breach of foreign law only applies to acts done outside of Australia
• Art 32 GDPR: “… implement appropriate technical and organisational measures to ensure a
level of security appropriate..” = within Australia
• Jurisdiction & conflict of laws – what if the targeted technology, software or
communication for decryption is located or partly located in EU?
• Civil Immunity and cost recovery – only applies in Australia
• GDPR Compliance Teams – how to evaluate compliance when DCP is unable to
disclose information about or “about the mere existence of” a TAR, TAN or TCN?
Patriot Act
Comparisons
PATRIOT ACT (NOW FREEDOM ACT)
• Patriot Act was to expire in 2015, but renewed by Freedom Act
• FBI and NSA vs ASIO and Signals Directorate
• Dept of Homeland Security vs Home Affairs/Communications
• Also very broad in scope
• Access to financial transactions, emails, internet records, library records and
essays of university students on an undisclosed basis
• Detention of persons and searches of residential/business premises on an
undisclosed basis
QUESTIONS
• ?
• nmurdoch@eaglegate.com.au
• +61 7 3862 2271

More Related Content

What's hot

Cyber crime legislation part 1
Cyber crime legislation part 1Cyber crime legislation part 1
Cyber crime legislation part 1MohsinMughal28
 
WCIT12 myth busting presentation
WCIT12 myth busting presentationWCIT12 myth busting presentation
WCIT12 myth busting presentationITU
 
The Regulatory and Spectrum Management Scenario in Telecom Network Optimization
The Regulatory and Spectrum Management Scenario in Telecom Network OptimizationThe Regulatory and Spectrum Management Scenario in Telecom Network Optimization
The Regulatory and Spectrum Management Scenario in Telecom Network OptimizationArief Gunawan
 
The enterprise of subscription tv piracy
The enterprise of subscription tv piracyThe enterprise of subscription tv piracy
The enterprise of subscription tv piracySabastion Forward
 
Public Safety and the Internet of Everything
Public Safety and the Internet of EverythingPublic Safety and the Internet of Everything
Public Safety and the Internet of EverythingConnected Futures
 
GSMA - 5G implementation and Rollout challenges in Nigeria
GSMA -   5G implementation and Rollout challenges in NigeriaGSMA -   5G implementation and Rollout challenges in Nigeria
GSMA - 5G implementation and Rollout challenges in NigeriaNzeih Chukwuemeka
 
Digital Communities and the Internet of Everything Case Studies
Digital Communities and the Internet of Everything Case StudiesDigital Communities and the Internet of Everything Case Studies
Digital Communities and the Internet of Everything Case StudiesConnected Futures
 
I Pv6 Presentation 310510 V4
I Pv6 Presentation 310510 V4I Pv6 Presentation 310510 V4
I Pv6 Presentation 310510 V4Chaesub Lee
 
POLICY SUPPORT IN MEDIA AND ENTERTAINMENT FOR MAKING IT GLOBALLY COMPETITIVES...
POLICY SUPPORT IN MEDIA AND ENTERTAINMENT FOR MAKING IT GLOBALLY COMPETITIVES...POLICY SUPPORT IN MEDIA AND ENTERTAINMENT FOR MAKING IT GLOBALLY COMPETITIVES...
POLICY SUPPORT IN MEDIA AND ENTERTAINMENT FOR MAKING IT GLOBALLY COMPETITIVES...pattok
 
Digital policing applications and services catalogue
Digital policing applications and services catalogueDigital policing applications and services catalogue
Digital policing applications and services catalogueRobin Brooke
 
Compliance audit under the Information Technology Act, 2000
Compliance audit under the Information Technology Act, 2000Compliance audit under the Information Technology Act, 2000
Compliance audit under the Information Technology Act, 2000Sagar Rahurkar
 
BCN (Nigeria) strategies to promote broadband & digitization
BCN (Nigeria) strategies to promote broadband & digitization BCN (Nigeria) strategies to promote broadband & digitization
BCN (Nigeria) strategies to promote broadband & digitization Myles Freedman
 

What's hot (20)

Cyber crime legislation part 1
Cyber crime legislation part 1Cyber crime legislation part 1
Cyber crime legislation part 1
 
WCIT12 myth busting presentation
WCIT12 myth busting presentationWCIT12 myth busting presentation
WCIT12 myth busting presentation
 
The Regulatory and Spectrum Management Scenario in Telecom Network Optimization
The Regulatory and Spectrum Management Scenario in Telecom Network OptimizationThe Regulatory and Spectrum Management Scenario in Telecom Network Optimization
The Regulatory and Spectrum Management Scenario in Telecom Network Optimization
 
The enterprise of subscription tv piracy
The enterprise of subscription tv piracyThe enterprise of subscription tv piracy
The enterprise of subscription tv piracy
 
File000168
File000168File000168
File000168
 
Public Safety and the Internet of Everything
Public Safety and the Internet of EverythingPublic Safety and the Internet of Everything
Public Safety and the Internet of Everything
 
Session 6.2 Cécile Barayre El Shami
Session 6.2 Cécile Barayre El ShamiSession 6.2 Cécile Barayre El Shami
Session 6.2 Cécile Barayre El Shami
 
GSMA - 5G implementation and Rollout challenges in Nigeria
GSMA -   5G implementation and Rollout challenges in NigeriaGSMA -   5G implementation and Rollout challenges in Nigeria
GSMA - 5G implementation and Rollout challenges in Nigeria
 
Digital Communities and the Internet of Everything Case Studies
Digital Communities and the Internet of Everything Case StudiesDigital Communities and the Internet of Everything Case Studies
Digital Communities and the Internet of Everything Case Studies
 
I Pv6 Presentation 310510 V4
I Pv6 Presentation 310510 V4I Pv6 Presentation 310510 V4
I Pv6 Presentation 310510 V4
 
POLICY SUPPORT IN MEDIA AND ENTERTAINMENT FOR MAKING IT GLOBALLY COMPETITIVES...
POLICY SUPPORT IN MEDIA AND ENTERTAINMENT FOR MAKING IT GLOBALLY COMPETITIVES...POLICY SUPPORT IN MEDIA AND ENTERTAINMENT FOR MAKING IT GLOBALLY COMPETITIVES...
POLICY SUPPORT IN MEDIA AND ENTERTAINMENT FOR MAKING IT GLOBALLY COMPETITIVES...
 
CHFI
CHFICHFI
CHFI
 
File000172
File000172File000172
File000172
 
Digital policing applications and services catalogue
Digital policing applications and services catalogueDigital policing applications and services catalogue
Digital policing applications and services catalogue
 
File000116
File000116File000116
File000116
 
Compliance audit under the Information Technology Act, 2000
Compliance audit under the Information Technology Act, 2000Compliance audit under the Information Technology Act, 2000
Compliance audit under the Information Technology Act, 2000
 
EENA 2021: Keynote – Cybersecurity
EENA 2021: Keynote – CybersecurityEENA 2021: Keynote – Cybersecurity
EENA 2021: Keynote – Cybersecurity
 
BCN (Nigeria) strategies to promote broadband & digitization
BCN (Nigeria) strategies to promote broadband & digitization BCN (Nigeria) strategies to promote broadband & digitization
BCN (Nigeria) strategies to promote broadband & digitization
 
File000166
File000166File000166
File000166
 
Cybercrime Prevention Act
Cybercrime Prevention ActCybercrime Prevention Act
Cybercrime Prevention Act
 

Similar to Understanding Australia's anti encryption law | EAGLEGATE

Australian telecoms licensing - An overview
Australian telecoms licensing - An overviewAustralian telecoms licensing - An overview
Australian telecoms licensing - An overviewMartyn Taylor
 
IPTV IN INDIA SOME LEGAL PERSPECTIVES
IPTV IN INDIA SOME LEGAL PERSPECTIVESIPTV IN INDIA SOME LEGAL PERSPECTIVES
IPTV IN INDIA SOME LEGAL PERSPECTIVESpattok
 
2019 june tcca-public_safety_prioritisation
2019 june tcca-public_safety_prioritisation2019 june tcca-public_safety_prioritisation
2019 june tcca-public_safety_prioritisationalirezazavieh
 
The Cloud Computing Contract Playbook: Contracting for Cloud Services
The Cloud Computing Contract Playbook: Contracting for Cloud ServicesThe Cloud Computing Contract Playbook: Contracting for Cloud Services
The Cloud Computing Contract Playbook: Contracting for Cloud ServicesThis account is closed
 
Privacy at the Handset: New FCC Rules?
Privacy at the Handset: New FCC Rules?Privacy at the Handset: New FCC Rules?
Privacy at the Handset: New FCC Rules?Christie Dudley
 
Network Neutrality - Training Presentation for Indictee Scientists at C-DAC, ...
Network Neutrality - Training Presentation for Indictee Scientists at C-DAC, ...Network Neutrality - Training Presentation for Indictee Scientists at C-DAC, ...
Network Neutrality - Training Presentation for Indictee Scientists at C-DAC, ...Rajat Kumar
 
SLALOM Project Legal Webinar Introduction 20151019 Legal Aspects
SLALOM Project Legal Webinar Introduction 20151019 Legal AspectsSLALOM Project Legal Webinar Introduction 20151019 Legal Aspects
SLALOM Project Legal Webinar Introduction 20151019 Legal AspectsOliver Barreto Rodríguez
 
Cellphone Tower Regulation: Maximizing Revenue While Protecting Local Interests
Cellphone Tower Regulation: Maximizing Revenue While Protecting Local InterestsCellphone Tower Regulation: Maximizing Revenue While Protecting Local Interests
Cellphone Tower Regulation: Maximizing Revenue While Protecting Local InterestsBest Best and Krieger LLP
 
2016-09-28 Are You ADA Compliant? Ensuring Your Website is Accessible to Peop...
2016-09-28 Are You ADA Compliant? Ensuring Your Website is Accessible to Peop...2016-09-28 Are You ADA Compliant? Ensuring Your Website is Accessible to Peop...
2016-09-28 Are You ADA Compliant? Ensuring Your Website is Accessible to Peop...Raffa Learning Community
 
Information technology and law and trai
Information technology and law and traiInformation technology and law and trai
Information technology and law and traiHimanshu Jawa
 
2 Understand what is meant by professional practice
2 Understand what is meant by professional practice2 Understand what is meant by professional practice
2 Understand what is meant by professional practiceMark Anthony Kavanagh
 
King County ERP 1999 Finalrep
King County ERP 1999 FinalrepKing County ERP 1999 Finalrep
King County ERP 1999 FinalrepErnie Ting
 
Cloud Computing and the Public Sector
Cloud Computing and the Public SectorCloud Computing and the Public Sector
Cloud Computing and the Public SectorMHCCloud
 
The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30
The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30
The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30This account is closed
 
Background Information for World-Wide Trading CompanyWorld-Wide .docx
Background Information for World-Wide Trading CompanyWorld-Wide .docxBackground Information for World-Wide Trading CompanyWorld-Wide .docx
Background Information for World-Wide Trading CompanyWorld-Wide .docxikirkton
 
Sookman federal circuit_internet_and_copyright_
Sookman federal circuit_internet_and_copyright_Sookman federal circuit_internet_and_copyright_
Sookman federal circuit_internet_and_copyright_bsookman
 
ATT Inc. Strategy Analysis
ATT Inc. Strategy AnalysisATT Inc. Strategy Analysis
ATT Inc. Strategy AnalysisKyle Hughes
 
Technology & Life Science Practice, FailSafe Overview
Technology & Life Science Practice, FailSafe OverviewTechnology & Life Science Practice, FailSafe Overview
Technology & Life Science Practice, FailSafe OverviewCary Adler
 

Similar to Understanding Australia's anti encryption law | EAGLEGATE (20)

Australian telecoms licensing - An overview
Australian telecoms licensing - An overviewAustralian telecoms licensing - An overview
Australian telecoms licensing - An overview
 
IPTV IN INDIA SOME LEGAL PERSPECTIVES
IPTV IN INDIA SOME LEGAL PERSPECTIVESIPTV IN INDIA SOME LEGAL PERSPECTIVES
IPTV IN INDIA SOME LEGAL PERSPECTIVES
 
2019 june tcca-public_safety_prioritisation
2019 june tcca-public_safety_prioritisation2019 june tcca-public_safety_prioritisation
2019 june tcca-public_safety_prioritisation
 
CTO_Yaounde_17Oct23.pdf
CTO_Yaounde_17Oct23.pdfCTO_Yaounde_17Oct23.pdf
CTO_Yaounde_17Oct23.pdf
 
The Cloud Computing Contract Playbook: Contracting for Cloud Services
The Cloud Computing Contract Playbook: Contracting for Cloud ServicesThe Cloud Computing Contract Playbook: Contracting for Cloud Services
The Cloud Computing Contract Playbook: Contracting for Cloud Services
 
Privacy at the Handset: New FCC Rules?
Privacy at the Handset: New FCC Rules?Privacy at the Handset: New FCC Rules?
Privacy at the Handset: New FCC Rules?
 
Network Neutrality - Training Presentation for Indictee Scientists at C-DAC, ...
Network Neutrality - Training Presentation for Indictee Scientists at C-DAC, ...Network Neutrality - Training Presentation for Indictee Scientists at C-DAC, ...
Network Neutrality - Training Presentation for Indictee Scientists at C-DAC, ...
 
SLALOM Project Legal Webinar Introduction 20151019 Legal Aspects
SLALOM Project Legal Webinar Introduction 20151019 Legal AspectsSLALOM Project Legal Webinar Introduction 20151019 Legal Aspects
SLALOM Project Legal Webinar Introduction 20151019 Legal Aspects
 
Cellphone Tower Regulation: Maximizing Revenue While Protecting Local Interests
Cellphone Tower Regulation: Maximizing Revenue While Protecting Local InterestsCellphone Tower Regulation: Maximizing Revenue While Protecting Local Interests
Cellphone Tower Regulation: Maximizing Revenue While Protecting Local Interests
 
2016-09-28 Are You ADA Compliant? Ensuring Your Website is Accessible to Peop...
2016-09-28 Are You ADA Compliant? Ensuring Your Website is Accessible to Peop...2016-09-28 Are You ADA Compliant? Ensuring Your Website is Accessible to Peop...
2016-09-28 Are You ADA Compliant? Ensuring Your Website is Accessible to Peop...
 
Information technology and law and trai
Information technology and law and traiInformation technology and law and trai
Information technology and law and trai
 
2 Understand what is meant by professional practice
2 Understand what is meant by professional practice2 Understand what is meant by professional practice
2 Understand what is meant by professional practice
 
King County ERP 1999 Finalrep
King County ERP 1999 FinalrepKing County ERP 1999 Finalrep
King County ERP 1999 Finalrep
 
Cloud Computing and the Public Sector
Cloud Computing and the Public SectorCloud Computing and the Public Sector
Cloud Computing and the Public Sector
 
The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30
The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30
The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30
 
Background Information for World-Wide Trading CompanyWorld-Wide .docx
Background Information for World-Wide Trading CompanyWorld-Wide .docxBackground Information for World-Wide Trading CompanyWorld-Wide .docx
Background Information for World-Wide Trading CompanyWorld-Wide .docx
 
Tatoa FCC Threats and Opportunities
Tatoa FCC Threats and OpportunitiesTatoa FCC Threats and Opportunities
Tatoa FCC Threats and Opportunities
 
Sookman federal circuit_internet_and_copyright_
Sookman federal circuit_internet_and_copyright_Sookman federal circuit_internet_and_copyright_
Sookman federal circuit_internet_and_copyright_
 
ATT Inc. Strategy Analysis
ATT Inc. Strategy AnalysisATT Inc. Strategy Analysis
ATT Inc. Strategy Analysis
 
Technology & Life Science Practice, FailSafe Overview
Technology & Life Science Practice, FailSafe OverviewTechnology & Life Science Practice, FailSafe Overview
Technology & Life Science Practice, FailSafe Overview
 

Recently uploaded

Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝soniya singh
 
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书1k98h0e1
 
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceLaw360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceMichael Cicero
 
Alexis O'Connell Lexileeyogi 512-840-8791
Alexis O'Connell Lexileeyogi 512-840-8791Alexis O'Connell Lexileeyogi 512-840-8791
Alexis O'Connell Lexileeyogi 512-840-8791BlayneRush1
 
Rights of under-trial Prisoners in India
Rights of under-trial Prisoners in IndiaRights of under-trial Prisoners in India
Rights of under-trial Prisoners in IndiaAbheet Mangleek
 
POLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxPOLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxAbhishekchatterjee248859
 
SecuritiesContracts(Regulation)Act,1956.pdf
SecuritiesContracts(Regulation)Act,1956.pdfSecuritiesContracts(Regulation)Act,1956.pdf
SecuritiesContracts(Regulation)Act,1956.pdfDrNiteshSaraswat
 
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一jr6r07mb
 
Indian Contract Act-1872-presentation.pptx
Indian Contract Act-1872-presentation.pptxIndian Contract Act-1872-presentation.pptx
Indian Contract Act-1872-presentation.pptxSauravAnand68
 
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书SD DS
 
Test Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxTest Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxsrikarna235
 
The Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptxThe Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptxNeeteshKumar71
 
如何办理(UoM毕业证书)曼彻斯特大学毕业证学位证书
如何办理(UoM毕业证书)曼彻斯特大学毕业证学位证书如何办理(UoM毕业证书)曼彻斯特大学毕业证学位证书
如何办理(UoM毕业证书)曼彻斯特大学毕业证学位证书srst S
 
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书Fir L
 
Sports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptxSports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptxmarielouisetulaytay
 
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书SD DS
 
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTSVIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTSDr. Oliver Massmann
 
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...Dr. Oliver Massmann
 
Trial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 seditionTrial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 seditionNilamPadekar1
 
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书SD DS
 

Recently uploaded (20)

Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝
 
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
 
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceLaw360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
 
Alexis O'Connell Lexileeyogi 512-840-8791
Alexis O'Connell Lexileeyogi 512-840-8791Alexis O'Connell Lexileeyogi 512-840-8791
Alexis O'Connell Lexileeyogi 512-840-8791
 
Rights of under-trial Prisoners in India
Rights of under-trial Prisoners in IndiaRights of under-trial Prisoners in India
Rights of under-trial Prisoners in India
 
POLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxPOLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptx
 
SecuritiesContracts(Regulation)Act,1956.pdf
SecuritiesContracts(Regulation)Act,1956.pdfSecuritiesContracts(Regulation)Act,1956.pdf
SecuritiesContracts(Regulation)Act,1956.pdf
 
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
 
Indian Contract Act-1872-presentation.pptx
Indian Contract Act-1872-presentation.pptxIndian Contract Act-1872-presentation.pptx
Indian Contract Act-1872-presentation.pptx
 
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
 
Test Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxTest Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptx
 
The Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptxThe Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptx
 
如何办理(UoM毕业证书)曼彻斯特大学毕业证学位证书
如何办理(UoM毕业证书)曼彻斯特大学毕业证学位证书如何办理(UoM毕业证书)曼彻斯特大学毕业证学位证书
如何办理(UoM毕业证书)曼彻斯特大学毕业证学位证书
 
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
 
Sports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptxSports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptx
 
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
 
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTSVIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
 
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
 
Trial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 seditionTrial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 sedition
 
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
 

Understanding Australia's anti encryption law | EAGLEGATE

  • 1. ANTI-ENCRYPTION LAW ISSUES AND UPDATES TELECOMMUNICATIONS AND OTHER LEGISLATION AMENDMENT (ASSISTANCE AND ACCESS) ACT 2018 (CTH) This presentation gives general advice only. If you require specific legal advice, please make contact. © Eagle & Gate Pty Ltd, 2019, Queensland
  • 2. NICOLE MURDOCH BEng(Elec). J.D. (Hons 1) MIP FIPTA • Principal EAGLEGATE Lawyers • Director Australian Information Security Association (AISA) • Registered Trade Marks Attorney eaglegate.com.au nmurdoch@eaglegate.com.au +61 7 3862 2271 linkedin.com/in/nicolemurdoch/
  • 3. KEY TAKEAWAYS 1. Overview of the Assistance and Access Act (AA Act) 2. Who it applies to 3. Types of assistance 4. Criticism 5. GDPR Issues 6. Comparisons to Patriot Act (USA)
  • 4. Overview Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 (Cth) – The AA Act Meanwhile, in Australia
  • 5. THE ASSISTANCE AND ACCESS ACT 1. Compels entities involved in the telecommunication supply chain to provide access to data, even if that data is encrypted 2. Very broad scope of “designated communication providers” (DCPs) 3. DCPs notified in 3 ways: 1. Technical Assistance Request (TAR); or 2. Technical Assistance Notice (TAN); or 3. Technical Capability Notice (TCN). 4. No guarantee you will know a DCP in your supply chain has received a TAR, TAN or TCN 5. Offence provisions for disclosure 6. Some judicial review available through FCA, limited internal review
  • 6. Who it applies to Meanwhile, in Australia
  • 7. DESIGNATED COMMUNICATION PROVIDERS • The AA Act applies to almost everyone involved in a telecommunications supply chain with end-users in Australia
  • 8. DESIGNATED COMMUNICATION PROVIDERS • Carriers – the owners of telecom network infrastructure in Australia; • Examples: Optus, Telstra, Vodafone, TPG • Carriage Service Providers – entities that sell telecom services delivered over Carrier networks in Australia; • Examples: iiNet, NBN Co, Verizon, Vocus Fibre, Uecomm, AAPT
  • 9. DESIGNATED COMMUNICATION PROVIDERS • Network Facilitators – any entity that manufactures, supplies, operates or maintains telecom network infrastructure, or components used in that infrastructure, in Australia; • Examples: technical experts, contractors, maintenance crews • Customer Equipment Facilitators – any entity that manufactures or supplies customer equipment for use, or that is likely to be used, in Australia; • Examples: manufacturers and retailers of mobiles, modems and computing devices, circuit boards, subscriber identification modules (SIMs) or memory units of a mobile device
  • 10. DESIGNATED COMMUNICATION PROVIDERS • Websites and Messaging Applications – any entity that supplies “electronic services” (any service that allows end-users to access material using a Carriage Service) in Australia; • Examples: Facebook, Instagram, WhatsApp, operators of websites and chat forums, secure messaging applications, hosting services including cloud and web hosting, peer-to-peer sharing platforms and email distribution lists • Service & Software Developers – any entity that provides services or software for use in connection with a Carriage Service or an “electronic service”; • Examples: software developers, suppliers, app developers
  • 12. TAR & TAN Under a TAR (voluntary) or TAN (mandatory), a DCP can be compelled to: • decrypt communications: • But only where the DCP holds the encryption key already • install, test, maintain or use agency software on an existing DCP network; • modify the characteristics of a service or substitute a service provided by the DCP; • facilitate access to a relevant facility, piece of equipment, device or service; • provide a broad range of technical information: • Includes "source code, network or service design plans, and the details of third party providers contributing to the delivery of a communications service, the configuration settings of network equipment and encryption schemes" • "conceal the fact that agencies have undertaken a covert operation"; • notify any changes to, or developments of, the DCP's service that may be relevant to a warrant: • Including notice of new or improved products, new outsourcing or offshoring arrangements
  • 13. TCN Under a TCN (mandatory), a DCP may be required to: • build a capability to provide a type of assistance listed in the Act; • do anything within the scope of a TAN • i.e. to avoid duplicate notices
  • 14. LIMITATIONS • A TAR, TAN or TCN must not have the effect of requesting or requiring the implementation or building of a "systemic vulnerability" • BUT – "Systemic Vulnerability" s.317B: "a vulnerability that affects a whole class of technology, but does not include a vulnerability that is selectively introduced to one or more target technologies that are connected with a particular person. For this purpose, it is immaterial whether the person can be identified" • Backlash from many tech companies regarding the wording of these provisions • e.g. Apple and the FBI "backdoor" issues in USA
  • 15. JUDICIAL OVERSIGHT? • Unlike a warrant, no judicial oversight • TAR – approved/issued by DG of Security, ASIO, Signals Directorate • TAN – approved/issued by DG of Security or “the chief officer of an interception agency of a State or Territory” • TCN – approved/issued by Attorney-General only • must be first approved by Minister for Communications + DCP must be consulted
  • 16. PENALTIES • DCP immune from civil liability complying with TAR, TAN or TCN • DCP recommended to contract with requesting agency re costs recovery • Max. civil penalty for DCP = 47,619 penalty units (~$10mil) • Unauthorised disclosure of information about a TAR, TAN or TCN, or its existence = up to 5 yrs imprisonment
  • 17. APPEALS? • Decisions under Part 15 not subject to review through the ADJR Act, nor are they “made by a judicial officer” • However, judicial review through the original jurisdiction of the High Court or Federal Court of Australia by operation of section 39B(1) of the Judiciary Act 1903 (Cth) is available • Limited Internal Review: • If TCN requires you to build a new capability, you can request that the TCN is assessed to determine whether it should have been given; • Conducted by two assessors, including a technical expert and former judicial officer • Can apply for JR of that decision also
  • 19. • Telstra – no civil immunity from system faults or service degradation • Senetas – non-disclosure prevents public explanation • Amazon – users expect products/service free from interference • Australian Information Industry Association (membership – Apple, Adobe, Cisco, Deloitte, Google, IBM et al) – clash with GDPR and overseas jurisdictions
  • 20. • Mozilla – TCNs can be used against any user • FastMail – tech companies not qualified to evaluate due cause • Apple – innovation founded on strong device security • AFP ABC Raids - “In executing these search warrants, the AFP used section 3F of the Crimes Act, which was amended by schedule 3 of the Assistance and Access Act.”
  • 22. GDPR ISSUES • To comply with TCN or TAN ("build a capability" vs "systemic vulnerability"), DCP must effectively breach consumer protection standards in GDPR • AA Act defence for breach of foreign law only applies to acts done outside of Australia • Art 32 GDPR: "… implement appropriate technical and organisational measures to ensure a level of security appropriate …" = within Australia • Jurisdiction & conflict of laws – what if the targeted technology, software or communication for decryption is located or partly located in EU? • Civil Immunity and cost recovery – only applies in Australia • GDPR Compliance Teams – how to evaluate compliance when DCP is unable to disclose information about or "about the mere existence of" a TAR, TAN or TCN?
  • 24. PATRIOT ACT (NOW FREEDOM ACT) • Patriot Act was to expire in 2015, but renewed by Freedom Act • FBI and NSA vs ASIO and Signals Directorate • Dept of Homeland Security vs Home Affairs/Communications • Also very broad in scope • Access to financial transactions, emails, internet records, library records and essays of university students on an undisclosed basis • Detention of persons and searches of residential/business premises on an undisclosed basis